www.onmsft.com Open in urlscan Pro
104.27.155.67 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email...
Submission: On April 24 via manual (April 24th 2019, 1:46:25 pm UTC) from US

Summary HTTP 263 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 39 domains to perform 263 HTTP transactions. The main IP is 104.27.155.67, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.onmsft.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 23rd 2018. Valid for: a year.

This is the only time www.onmsft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	104.27.155.67 104.27.155.67	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
5	151.101.120.134 151.101.120.134	54113 (FASTLY) (FASTLY - Fastly)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
5	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.38.55.104 23.38.55.104	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	35.186.219.42 35.186.219.42	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19f::13b2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	2.16.118.106 2.16.118.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 6	2.19.45.224 2.19.45.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	52.211.205.80 52.211.205.80	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2600:9000:200... 2600:9000:200c:7200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
21	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.35.253.26 13.35.253.26	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6810:50a6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY - Fastly)
1	35.190.40.172 35.190.40.172	() ()
6	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
28	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	151.101.192.233 151.101.192.233	54113 (FASTLY) (FASTLY - Fastly)
3	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 1	54.171.7.149 54.171.7.149	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 3	34.242.73.134 34.242.73.134	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	184.31.90.128 184.31.90.128	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.210.77.107 52.210.77.107	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE - Google LLC)
3	151.101.0.175 151.101.0.175	54113 (FASTLY) (FASTLY - Fastly)
1	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
7	199.166.0.26 199.166.0.26	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
1	216.58.207.38 216.58.207.38	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	35.201.117.115 35.201.117.115	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE - Google LLC)
12	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.228.183.152 54.228.183.152	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET - Packet Host)
1	2600:9000:200... 2600:9000:200c:9e00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200c:2000:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
9	173.241.240.220 173.241.240.220	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	95.100.209.151 95.100.209.151	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	37.252.173.27 37.252.173.27	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
11	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	95.100.196.14 95.100.196.14	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
6	199.166.0.32 199.166.0.32	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
9	104.244.39.20 104.244.39.20	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
6	95.100.208.18 95.100.208.18	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
12	104.244.37.20 104.244.37.20	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
1	2a02:26f0:eb:... 2a02:26f0:eb:38e::2c92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 8	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2 2	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
263	58

30 104.27.155.67 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.onmsft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.120.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

winbeta.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.38.55.104 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-55-104.deploy.static.akamaitechnologies.com

cdn.nsstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ns.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
walker.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.219.42 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 42.219.186.35.bc.googleusercontent.com

chickensstation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.59.101 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19f::13b2 (European Union)

ASN20940 (AKAMAI-ASN1, US)

g.pcmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.118.106 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-118-106.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.45.224 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-45-224.deploy.static.akamaitechnologies.com

cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.211.205.80 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-205-80.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:200c:7200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:809::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.26 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-26.fra6.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:50a6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.40.172 (Mountain View, United States)

ASN- ()
PTR: 172.40.190.35.bc.googleusercontent.com

api.skimlinks.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.217.18.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.233 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

disqusads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.7.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-7-149.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.242.73.134 (United States) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-242-73-134.eu-west-1.compute.amazonaws.com

x.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.90.128 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-90-128.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.77.107 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-77-107.eu-west-1.compute.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.98.64 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 64.98.201.35.bc.googleusercontent.com

dapperfloor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.175 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.32 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.166.0.26 (New York, United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.pixel.adsafeprotected.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.38 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.117.115 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 115.117.201.35.bc.googleusercontent.com

admiral.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:825::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.183.152 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-183-152.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Switzerland) 2 redirects

ASN54825 (PACKET - Packet Host, Inc., US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:9e00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:2000:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 173.241.240.220 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org

ziffdavis-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-ads.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.209.151 (Germany)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-209-151.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.27 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.100.196.14 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-196-14.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.166.0.32 (New York, United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.static.adsafeprotected.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.244.39.20 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: amidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.100.208.18 (Germany)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-208-18.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.244.37.20 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: daldt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:38e::2c92 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cmp.teads.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.52 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	256 KB
33	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	374 KB
30	onmsft.com www.onmsft.com	436 KB
23	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	270 KB
17	openx.net 1 redirects ziffdavis-d.openx.net us-ads.openx.net eu-u.openx.net	26 KB
14	googletagservices.com www.googletagservices.com	294 KB
14	skimresources.com 4 redirects s.skimresources.com r.skimresources.com p.skimresources.com x.skimresources.com t.skimresources.com	24 KB
9	teads.tv a.teads.tv sync.teads.tv t.teads.tv	183 KB
9	imrworldwide.com 2 redirects secure-us.imrworldwide.com cdn-gl.imrworldwide.com	58 KB
9	zdbb.net 1 redirects cdn.static.zdbb.net ns.zdbb.net gurgle.zdbb.net walker.zdbb.net zdbb.net	24 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	110 KB
7	google.de adservice.google.de	1 KB
7	disqus.com winbeta.disqus.com disqus.com referrer.disqus.com	27 KB
7	wp.com i1.wp.com i0.wp.com stats.wp.com s0.wp.com i2.wp.com pixel.wp.com	45 KB
5	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	79 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
5	chickensstation.com chickensstation.com	33 KB
4	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	83 KB
4	consensu.org api.skimlinks.mgr.consensu.org admiral.mgr.consensu.org vendorlist.consensu.org cmp.teads.mgr.consensu.org	15 KB
3	google.com adservice.google.com	513 B
3	disquscdn.com c.disquscdn.com	202 KB
3	google-analytics.com 1 redirects www.google-analytics.com	17 KB
3	gstatic.com fonts.gstatic.com	37 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	exelator.com 2 redirects loadeu.exelator.com	1 KB
1	pubmatic.com hbopenbid.pubmatic.com	115 B
1	adnxs.com ib.adnxs.com	1 KB
1	casalemedia.com as-sec.casalemedia.com	903 B
1	bluekai.com stags.bluekai.com
1	dapperfloor.com dapperfloor.com	35 KB
1	bkrtx.com tags.bkrtx.com	10 KB
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net	332 B
1	disqusads.com disqusads.com
1	sharethrough.com native.sharethrough.com	108 KB
1	pcmag.com g.pcmag.com	323 B
1	nsstatic.com cdn.nsstatic.com	80 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
263	39

	Domain	Requested by
30	www.onmsft.com	www.onmsft.com ajax.cloudflare.com dapperfloor.com
28	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.onmsft.com
21	dt.adsafeprotected.com
14	www.googletagservices.com	cdn.nsstatic.com securepubads.g.doubleclick.net
12	tpc.googlesyndication.com	chickensstation.com securepubads.g.doubleclick.net www.onmsft.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net us-ads.openx.net pagead2.googlesyndication.com
8	eu-u.openx.net	1 redirects us-ads.openx.net
8	us-ads.openx.net	www.onmsft.com us-ads.openx.net
7	pixel.adsafeprotected.com	cdn.nsstatic.com www.onmsft.com
7	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
7	platform.twitter.com	ajax.cloudflare.com platform.twitter.com
6	static.adsafeprotected.com	pixel.adsafeprotected.com www.onmsft.com
5	cdn-gl.imrworldwide.com	cdn-gl.imrworldwide.com
5	sb.scorecardresearch.com	1 redirects cdn.nsstatic.com
5	chickensstation.com	www.onmsft.com chickensstation.com
4	t.teads.tv
4	secure-us.imrworldwide.com	2 redirects
4	cdn.static.zdbb.net	1 redirects cdn.static.zdbb.net
4	p.skimresources.com
4	r.skimresources.com	1 redirects s.skimresources.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	a.teads.tv	securepubads.g.doubleclick.net a.teads.tv
3	x.skimresources.com	3 redirects
3	referrer.disqus.com
3	adservice.google.com	www.googletagservices.com pagead2.googlesyndication.com
3	c.disquscdn.com	winbeta.disqus.com
3	www.google-analytics.com	1 redirects www.onmsft.com
3	fonts.gstatic.com	www.onmsft.com
2	sync.mathtag.com	2 redirects
2	sync.teads.tv	a.teads.tv
2	loadeu.exelator.com	2 redirects
2	ton.twimg.com	platform.twitter.com
2	t.skimresources.com	s.skimresources.com
2	pbs.twimg.com
2	cdn.krxd.net	cdn.static.zdbb.net cdn.krxd.net
2	syndication.twitter.com	1 redirects
2	disqus.com	winbeta.disqus.com
2	gurgle.zdbb.net	cdn.static.zdbb.net
2	winbeta.disqus.com	ajax.cloudflare.com www.onmsft.com
2	i1.wp.com	www.onmsft.com
2	fonts.googleapis.com	www.onmsft.com dapperfloor.com
1	cmp.teads.mgr.consensu.org	a.teads.tv
1	hbopenbid.pubmatic.com	cdn.nsstatic.com
1	ib.adnxs.com	cdn.nsstatic.com
1	as-sec.casalemedia.com	cdn.nsstatic.com
1	ziffdavis-d.openx.net	cdn.nsstatic.com
1	vendorlist.consensu.org	dapperfloor.com
1	consumer.krxd.net	cdn.krxd.net
1	beacon.krxd.net	cdn.krxd.net
1	admiral.mgr.consensu.org	dapperfloor.com
1	ad.doubleclick.net	chickensstation.com
1	stags.bluekai.com	tags.bkrtx.com
1	dapperfloor.com	chickensstation.com
1	zdbb.net
1	tags.bkrtx.com	cdn.static.zdbb.net
1	walker.zdbb.net	cdn.static.zdbb.net
1	sync.crwdcntrl.net	1 redirects
1	cdn.syndication.twimg.com	platform.twitter.com
1	disqusads.com	winbeta.disqus.com
1	pixel.wp.com
1	api.skimlinks.mgr.consensu.org	s.skimresources.com
1	i2.wp.com
1	stats.g.doubleclick.net
1	native.sharethrough.com	cdn.nsstatic.com
1	ns.zdbb.net	cdn.nsstatic.com
1	g.pcmag.com	cdn.nsstatic.com
1	cdn.nsstatic.com	ajax.cloudflare.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	s.skimresources.com	ajax.cloudflare.com
1	s0.wp.com	ajax.cloudflare.com
1	stats.wp.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.onmsft.com
1	i0.wp.com	www.onmsft.com
0	fastlane.rubiconproject.com Failed	cdn.nsstatic.com
263	74

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.pinterest.com
motherboard.vice.com
pinterest.com
azure.microsoft.com
products.office.com
wordpress.org
michael.gillett.online

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-10-23` - `2019-10-23`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.google.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2018-09-13` - `2020-10-07`	2 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
ziffdavis.com DigiCert SHA2 Secure Server CA	`2019-04-02` - `2020-07-01`	a year	crt.sh
chickensstation.com Let's Encrypt Authority X3	`2019-03-06` - `2019-06-04`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
www.ziffdavis.com DigiCert SHA2 Extended Validation Server CA	`2018-05-18` - `2020-05-17`	2 years	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2019-02-25` - `2020-02-25`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.sharethrough.com Go Daddy Secure Certificate Authority - G2	`2018-09-18` - `2019-11-17`	a year	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-17` - `2019-09-23`	6 months	crt.sh
api.skimlinks.mgr.consensu.org DigiCert SHA2 Secure Server CA	`2018-08-15` - `2019-10-23`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-24` - `2020-01-24`	a year	crt.sh
m.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-09-24` - `2019-09-01`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2018-12-03` - `2020-03-03`	a year	crt.sh
*.zdbb.net COMODO RSA Domain Validation Secure Server CA	`2018-02-23` - `2021-02-22`	3 years	crt.sh
dapperfloor.com Let's Encrypt Authority X3	`2019-04-08` - `2019-07-07`	3 months	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-03-29` - `2019-09-27`	6 months	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
*.adsafeprotected.com COMODO RSA Domain Validation Secure Server CA	`2018-08-20` - `2020-09-17`	2 years	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
admiral.mgr.consensu.org COMODO RSA Domain Validation Secure Server CA	`2018-05-11` - `2020-05-10`	2 years	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.krxd.net Go Daddy Secure Certificate Authority - G2	`2017-06-12` - `2019-07-11`	2 years	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2019-02-08` - `2020-05-12`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-01-09` - `2020-03-09`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
teads.tv Let's Encrypt Authority X3	`2019-04-17` - `2019-07-16`	3 months	crt.sh
teads.mgr.consensu.org Let's Encrypt Authority X3	`2019-02-22` - `2019-05-23`	3 months	crt.sh

This page contains 41 frames:

Primary Page: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Frame ID: 23AFB6A49F8634142BC3DB33B3B11517
Requests: 166 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.onmsft.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: E10FF62E524E3AC2466D9EAE323FC774
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=winbeta&t_i=winbeta-170911&t_u=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&t_e=Outlook.com%20was%20hacked%2C%20and%20it%27s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content&t_d=%20Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20&t_t=Outlook.com%20was%20hacked%2C%20and%20it%27s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content&s_o=default
Frame ID: D3544095DDA55E23E88B93DA16C545B0
Requests: 1 HTTP requests in this frame

Frame: https://disqusads.com/ads-iframe/prebid/?serverbid=0&experiment=links_comes_with_video_holdback&safetylevel=30&variant=fallthrough&aol=0&thumbnails_allowed=1&display_only=0&forum_pk=271420&position=top&shortname=winbeta&appnexus=1&category=tech&polymorph=0&display_bidding_enabled=1&stories_allowed=1&service=dynamic&forum_shortname=winbeta&display_allowed=1&video_allowed=0&provider=prebid&adx=0&t=1556113564&rubicon=1&sandbox_display=1&links_allowed=1&doublewide_allowed=1&criteo=1&openx=0&anchorColor=%23197278&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&disqus_version=bd8ed9f
Frame ID: B549881F9F876215DB72EA90C46F35B5
Requests: 1 HTTP requests in this frame

Frame: https://p.skimresources.com/?provider_id=%24%7Bprofile_id%7D&skim_mapping=true
Frame ID: 5C3AD97C2C7A5324747A1D31313D7785
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Donmsft.com&phint=referer%3Dhttps%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&phint=bbseg%3D&phint=__bk_t%3DOutlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20OnMSFT.com&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&limit=10&r=97453291
Frame ID: 692C43EC0554E89A6A40EF4C85B4490F
Requests: 1 HTTP requests in this frame

Frame: https://admiral.mgr.consensu.org/portal.html
Frame ID: 42910B2BC37208E418F9371EA8705F9D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: D3CF8F404A8ED00FAD702B3A4D32B7EA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 37190CEC05D21028168942C6532F9223
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: BBE05143DE70BA9A3000D793409CC39C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=53576252&chanId=194664452&placementId=104135612&pubCreative=138266392244&pubOrder=169870292&cb=1126691874&adsafe_par&impId=51911cb5-6697-11e9-80e7-00259086bbca
Frame ID: 44C97AACE43745CBD9D0D5BCFF3CCF8F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0CTjPh21jZmcyhlXXOpDxMN-SDmkFBHXhD-MBgD85HbqAl0LMqXk5HWyBS82XwpdeZ5Vd1g6lVNL0C4VRddZwzH8cg5UNaQiYWyWtt2hLdt0iwQPAH9BqJIMX0ZOFhM44V6kC1W4p_6ptdEoxlwBKtjcihB7xGnnq443oF_0vJwN01MYKXVT5qmtPJnhnPGvL-GGdB-GQfAZu1n6uUCsCZN1_ar8oN3yu2DFWtd11LR9xsU1o-_G5BDE5Oa9E&sai=AMfl-YTK5SakbBNg9cHv6ZpRbl1Il8VnMBMKZWYRv5kOTAFU0r317NgX9j8DAaM6eMcSDoD-OEz2yTy92sU-7zBcYoZ50BUCS1et8-yiNXp6N11jMimI_7Poh0Z_A_E&sig=Cg0ArKJSzJSM-iAnuNExEAE&urlfix=1&adurl=
Frame ID: BA1C7FD8B7A12AC5637280C65ADA5000
Requests: 11 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=53576252&chanId=194664452&placementId=104135972&pubCreative=138267103912&pubOrder=169870292&cb=1947027525&adsafe_par&impId=51911cb6-6697-11e9-80e7-00259086bbca
Frame ID: A1F5675DF31C4771F53B86A46D508F2C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIuKmcqXTopM6uUiSrC6e3Pw2yV5fVb2NulPQNP8mpoNxpwoj2wV9XVg6eJv9wwgZx2eKE4uB6LuiNdKGixNUiPAHwz7vFwYmED6oTXHkBz_0tYKVEW3CTjt6m6amIIkGyTmr2UCUf1xXhRgnGDSTThT44HOCpF0ailyda9YIMj8V4_XyvEnX2ErGnX29D8vMYGPSf96_sJG35uxNM6ExbAb5Ji9l1QvO7UO5aoIlJCMPPhKuueq9ayoyPOFNQ&sai=AMfl-YRAdJz1Cd956cvC3x_YlQ0sGXAkE8JJ8fQMUGKCZ05Fg58VPiwn3J8zmUbxoTqrb7pu2zPuCNOSbL0Ke4tOkYQIt353oNDClBw6heElghs_oiqadF961jmitmc&sig=Cg0ArKJSzELlXDTGw4b4EAE&urlfix=1&adurl=
Frame ID: 23DAFCA05BDD7AD55AA96D20814E1A49
Requests: 11 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=53576252&chanId=194664452&placementId=104135732&pubCreative=138266785880&pubOrder=169870292&cb=335816495&adsafe_par&impId=51911cb7-6697-11e9-80e7-00259086bbca
Frame ID: FA75C022CD0303E4625C17BE346F83B4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7chyOeLwNdlQMcbjd58eZlfuThus8LgVnRCtgckuZiJ_7-L8cbMW2PkCZm48Kwfz166oIsrnvP961qMND3hzGkbioNwHvNl8XXC6kafMrqdJmEEmMpv4Wg6ge4vjwK3zkZMSX76nhyxRY1Wn3MzM6XnF00jwL46i4KGH0BIpLrZWZ1z4iZWslOk-i-3p8yt9qwBBMG5Lybtpd7WIukf9QICOd01vR94UR640mZvjPDroo_va56XVctJEMpXUY&sai=AMfl-YTEoTNl6VLzEznoQo92ceGvI7VfICVPBkzAQ5g5U08jmcXYI0nlA-Sxdtyh9xW4jO2JIOSbIlgpBYaJaH1RYI_YygpKMUrh9ojNhzZ7UihqXSAWyWhLrqE_bds&sig=Cg0ArKJSzKNY4DkXl0IwEAE&urlfix=1&adurl=
Frame ID: 23CB8E45447467FFB368F4BA0FEC366B
Requests: 21 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0FAE6F764F4BE73DCA38678CA4420C43
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0F913CF606A1C2AF28A9449D86D3C201
Requests: 3 HTTP requests in this frame

Frame: https://a.teads.tv/page/92134/tag
Frame ID: 6BF09D41C46447465662FF4C400D598A
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: ED758D2D70CD6864CB936B7AA9F26E2F
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7CD4C758D42D84412E632F29FA1C29FE
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6FF6308F90F4332CC5999D2A18D93D09
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 90CF9AA9A98DCD172792D7C289CCB931
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: BCAEC4BF64AC667A11FE165BDD2220F2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: BC2238C98AE8E995C64FFF6352F8BD1D
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 7B08577690CD31920C45F3377EDA33D1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1USsQHco_VUteftaLT2eCBA7js8chWQjIdCTvTDXYh_uT_OO_rlPGfD_n_fXzMQOXKacXGonlBuZnFevjUVjE8pHaFZgHVVpM07aiXwwr6USoKXl3EzSRET6qr_rw4jzKCH9UfHxgRtgUfK2ruWCALmhKo3VrPidIsw4coDj4h-Z3lfcuQ1uVdwsnw8trVuQ6ev8yG9JmWayOvXZca6vtRWLr8Ko0Y5Vl79lOZRu__kOVpb2xLbBALOYnSsMVf-CTpm_igUh5dh5kkd5r&sai=AMfl-YTWGEA5e4T-ajeRTLMVt6skBzlwUNKMc547YMwgdnKsGx80VlTKsjeTMFOTuQLbZWKNGphrDKLtvEp4lGWMwqfUP8IowqzsuBmBSmM1FZnMTIiF3rXI5M8EGpc&sig=Cg0ArKJSzMakP-kmulZwEAE&urlfix=1&adurl=
Frame ID: 95568A293D50FBB1B5C90BA28F76BA45
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html?n=1
Frame ID: 3D6DBE64DECA3D63243DD4D5504C70E3
Requests: 1 HTTP requests in this frame

Frame: https://cmp.teads.mgr.consensu.org/index.html
Frame ID: B81859409CCF0E2F004D369F387821AB
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=99837&userId=c2a4bd05-8b63-43bd-a7c8-69cc85603a33&gdprIab={%22status%22:23,%22consent%22:%22%22,%22reason%22:230}&1556113574336
Frame ID: 5D4E45F07B218F6CAE9FFEB72EFAE95B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js
Frame ID: 7B2AE30DAAB12F036B9FF1A0375694D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190417/r20190131/zrt_lookup.html
Frame ID: 4963F556F35F1E1F950F9E7A4A1BE39C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js
Frame ID: 608C9E382165481F83ACC3A055C2BBF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=3540711992&adf=1261879588&w=728&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&ea=0&flash=0&wgl=1&adsid=NT&dt=1556113574523&bpp=70&bdt=905&fdt=157&idt=155&shv=r20190417&cbv=r20190131&saldr=sa&correlator=3154250262016&frm=23&ife=4&pv=2&ga_vid=826852857.1556113570&ga_sid=1556113574&ga_hid=1464551107&ga_fc=0&iag=15&icsg=11452896682&nhd=2&dssz=34&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=10&biw=1600&bih=1200&isw=728&ish=90&ifk=3571728399&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C21063245&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=2&uci=2.vjrg2j3wm043&fsb=1&dtd=176
Frame ID: 7B179402C0C82862A17FC97587A2E288
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=2560515233&adf=3173537227&w=728&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&ea=0&flash=0&wgl=1&dt=1556113574639&bpp=21&bdt=1614&fdt=74&idt=72&shv=r20190417&cbv=r20190131&saldr=sa&correlator=3154250262016&frm=23&ife=5&pv=1&ga_vid=826852857.1556113570&ga_sid=1556113573&ga_hid=233629993&ga_fc=0&iag=3&icsg=11453224282&nhd=1&dssz=32&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=3525&biw=1600&bih=1200&isw=730&ish=90&ifk=2311030223&scr_x=0&scr_y=0&eid=21060853%2C21063245%2C20040010&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C730%2C90&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=3&uci=3.d0cyaqovzk39&fsb=1&dtd=85
Frame ID: 0BAA223AE8388C50EBCEE3194FB8C1CB
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 9B165DE8223E7B831193AC547911F1E1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 69674FE2F309A35A74442B589A56710A
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 82C6B6592E23ADE799AD3344E8F5F939
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 620A8D953ADB1B8B4985D9868C03912B
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 86837BC63515FA08564DCE08A8AAADF0
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 372007145C0E462DD2C46DB51BEBF635
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
html /<link[^>]+s\d+\.wp\.com/i
meta generator /WordPress( [\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
html /<link[^>]+s\d+\.wp\.com/i
meta generator /WordPress( [\d.]+)?/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

env /^DISQUS/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

263
Requests

99 %
HTTPS

31 %
IPv6

39
Domains

74
Subdomains

58
IPs

7
Countries

2869 kB
Transfer

8522 kB
Size

3
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/onmsft
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/winbetadotorg?_rdr=p

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/onmsft/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/laurentgiret
Title: @laurentgiret

Search URL Search Domain Scan URL

URL: https://motherboard.vice.com/en_us/article/ywyz3x/hackers-could-read-your-hotmail-msn-outlook-microsoft-customer-support
Title: Vice’s Motherboard website

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Outlook.com+was+hacked%2C+and+it%E2%80%99s+worse+than+expected+as+hackers+also+had+access+to+some+email+content&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&via=onmsft

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&media=https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/04/Screenshot-2019-04-15-at-15.54.06.png?fit=2288%2C1404&ssl=1&description=Outlook.com+was+hacked%2C+and+it%E2%80%99s+worse+than+expected+as+hackers+also+had+access+to+some+email+content

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/
Title: Azure

Search URL Search Domain Scan URL

URL: https://products.office.com/
Title: Office 365

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://michael.gillett.online/
Title: Social Media icons by Michael Gillett

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://r.skimresources.com/api/ HTTP 307
https://r.skimresources.com/api/?xguid=01D97SHE913FX1VSFJTA4FGR3R&persistence=1&checksum=4dbfb487bea3fbbbaa715fb416ee3c3662f7cfdc71685ef24a8cd4389e29b33e

Request Chain 50

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Request Chain 51

https://secure-us.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 56

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=910795860&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&ul=en-us&de=UTF-8&dt=Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20OnMSFT.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=659752292&gjid=402798866&cid=826852857.1556113570&tid=UA-71939551-1&_gid=762646086.1556113570&_r=1&z=370494348 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71939551-1&cid=826852857.1556113570&jid=659752292&_gid=762646086.1556113570&gjid=402798866&_v=j73&z=370494348

Request Chain 73

https://sb.scorecardresearch.com/b?c1=2&c2=6036316&ns__t=1556113570248&ns_c=UTF-8&cv=3.1&c8=Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1556113570248&ns_c=UTF-8&cv=3.1&c8=Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&c9=

Request Chain 79

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=${profile_id} HTTP 302
https://p.skimresources.com/?provider_id=%24%7Bprofile_id%7D&skim_mapping=true

Request Chain 111

https://x.skimresources.com/?provider=exelate HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0& HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1 HTTP 302
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=0af9e182ac78c6aac84164de8c05036e HTTP 302
https://p.skimresources.com/?provider_id=0af9e182ac78c6aac84164de8c05036e&skim_mapping=true

Request Chain 116

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1556113571101&ci=ziffdavis&js=1&cg=0&ts=krux-coretag.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&sr=1600x1200 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1556113571101&ci=ziffdavis&js=1&cg=0&ts=krux-coretag.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&sr=1600x1200&ja=1

Request Chain 118

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 273

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dc423def-06ad-4fb4-a386-363c0a8315a3&gdpr=1 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D&mm_bnc&mm_bct HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e4fc5cc0-611e-4300-9918-a2560d2c9cd2

263 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content Show response
www.onmsft.com/news/ 40 KB
10 KB 370ms
274ms Document
text/html 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9c159a06587b466351249e9fd57fc470d738b56e2a1da569c0dcc9f5c9cf552

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.onmsft.com
:scheme: https
:path: /news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 24 Apr 2019 13:46:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569; expires=Thu, 23-Apr-20 13:46:09 GMT; path=/; domain=.onmsft.com; HttpOnly more_page=1; expires=Thu, 25-Apr-2019 13:46:09 GMT; Max-Age=86400 more_page_author=1; expires=Thu, 25-Apr-2019 13:46:09 GMT; Max-Age=86400
link: <https://www.onmsft.com/wp-json/>; rel="https://api.w.org/" <https://www.onmsft.com/?p=170911>; rel=shortlink
vary: Accept-Encoding, Cookie
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4cc885910b3b6b7f-LHR
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 5 KB
708 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat|Oswald:400,700

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

14efa05c614dc9f7efc094190a7829e017f2fae8b6aa469de0aae692f5e763be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 24 Apr 2019 13:46:09 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 24 Apr 2019 13:46:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2019 13:46:09 GMT

GET
H2 200 bootstrap.min.css
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/css/ 117 KB
18 KB 74ms
73ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/css/bootstrap.min.css

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9291fdc44bccd9b470eddfb7e2326370687526185eeea097a02541d08b60ef53

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/css/bootstrap.min.css
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c0af426-1d4f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
cf-ray: 4cc88592dcdd6b7f-LHR
x-xss-protection: 1; mode=block
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 style.css
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/ 15 KB
4 KB 73ms
72ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.43

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ac8c1ab5b4eac95c3c3d07bfddf48e84bd4cdca6e94c204455e3de71da9c3b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.43
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=18511
status: 200
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Apr 2019 16:07:52 GMT
server: cloudflare
etag: W/"5caa2058-484f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Sat, 21 Apr 2029 13:46:09 GMT
cache-control: public, max-age=315360000
cf-ray: 4cc88592dcde6b7f-LHR
cf-bgj: minify

GET
H2 200 style.min.css
www.onmsft.com/wp-includes/css/dist/block-library/ 25 KB
4 KB 71ms
63ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Feb 2019 02:21:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c6f5ca6-629a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
cf-ray: 4cc88592ece56b7f-LHR
x-xss-protection: 1; mode=block
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 front-end-gutenberg.css
www.onmsft.com/wp-content/plugins/metronet-profile-picture/css/ 27 KB
3 KB 70ms
63ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/metronet-profile-picture/css/front-end-gutenberg.css?ver=2.1.3

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0da2aee6cc32a9bc1dc66cfba7518a6d47d1337202d6ee94a6174f25c720e94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/metronet-profile-picture/css/front-end-gutenberg.css?ver=2.1.3
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=31043
status: 200
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Feb 2019 02:24:03 GMT
server: cloudflare
etag: W/"5c6f5d43-7943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Sat, 21 Apr 2029 13:46:09 GMT
cache-control: public, max-age=315360000
cf-ray: 4cc88592ece66b7f-LHR
cf-bgj: minify

GET
H2 200 wpp.css
www.onmsft.com/wp-content/plugins/wordpress-popular-posts/public/css/ 345 B
303 B 69ms
63ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/wordpress-popular-posts/public/css/wpp.css?ver=4.2.2

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55d784de8d3753e83c9051a7d2f6f6e2ad20127441d7da00bcc96e93c165f19

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wordpress-popular-posts/public/css/wpp.css?ver=4.2.2
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=1217
status: 200
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Jan 2019 04:26:03 GMT
server: cloudflare
etag: W/"5c31835b-4c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Sat, 21 Apr 2029 13:46:09 GMT
cache-control: public, max-age=315360000
cf-ray: 4cc88592ece76b7f-LHR
cf-bgj: minify

GET
H2 200 jetpack.css
www.onmsft.com/wp-content/plugins/jetpack/css/ 69 KB
12 KB 68ms
63ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/jetpack/css/jetpack.css?ver=7.2.1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dedd927f59644ce29e23d3a942b6e84a875de4cc0afe541a5ad9d82269197c6b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/jetpack/css/jetpack.css?ver=7.2.1
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=70494
status: 200
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2019 15:06:01 GMT
server: cloudflare
etag: W/"5ca76ed9-1135e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Sat, 21 Apr 2029 13:46:09 GMT
cache-control: public, max-age=315360000
cf-ray: 4cc88592ece86b7f-LHR
cf-bgj: minify

GET
H2 200 twitter-medium.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 53 KB
54 KB 37ms
32ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/twitter-medium.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9d5d7f0c649b8afca5ec420809ba9a6067a5dddd25be954f27c2ae034a1121

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/sm-icons/twitter-medium.png
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 54700
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Dec 2018 18:14:55 GMT
server: cloudflare
etag: "5c1fd09f-d5ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4cc88592ece96b7f-LHR
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 facebook-medium.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 54 KB
54 KB 66ms
62ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/facebook-medium.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

07fa03f1e5fef6c5ee89c033aa08a86d1e791714aa6437142823c8e5adea8a93

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/sm-icons/facebook-medium.png
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 55239
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Dec 2018 18:14:55 GMT
server: cloudflare
etag: "5c1fd09f-d7c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4cc88592ecea6b7f-LHR
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 logo.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/ 10 KB
10 KB 62ms
56ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/logo.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5abf0c3555cff7b63e38f6e7b8e7f56896937c0c2cc97cfaee7997c443e3e254

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/logo.png
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 10402
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: "5c0af426-28a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4cc88592ecf66b7f-LHR
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 pinterest-medium.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 56 KB
56 KB 73ms
69ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/pinterest-medium.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbd0425550d0738c39c0f6ffe17880245425dccd356d77a5e0e30f9845fc90ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/sm-icons/pinterest-medium.png
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 56968
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Dec 2018 18:14:55 GMT
server: cloudflare
etag: "5c1fd09f-de88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4cc885930d096b7f-LHR
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 rss-medium.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 53 KB
53 KB 71ms
67ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/rss-medium.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccc8413bc09ee8ffe0688a01b0059677c9cc298e6098aa01b7afdcc7f6d31bcc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/sm-icons/rss-medium.png
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 54109
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Dec 2018 18:14:55 GMT
server: cloudflare
etag: "5c1fd09f-d35d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4cc885930d0b6b7f-LHR
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 email-decode.min.js Show response
www.onmsft.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
823 B 31ms
31ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 23 Apr 2019 11:04:12 GMT
server: cloudflare
etag: W/"5cbef12c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800 public
cf-ray: 4cc88592eceb6b7f-LHR
expires: Fri, 26 Apr 2019 13:46:09 GMT

GET
H2 200 twitter-medium.png
i1.wp.com/www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 1 KB
1 KB 54ms
14ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/twitter-medium.png?ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

202f3b4f4f1257170b0613650becfded7a7f89b1905c0fe16c79f25bf18a6b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 24 Apr 2019 13:46:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 1331
last-modified: Tue, 19 Feb 2019 17:44:31 GMT
server: nginx
etag: "a26fca4ce6836c5e"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/twitter-medium.png>; rel="canonical"
content-length: 1028
expires: Fri, 19 Feb 2021 05:44:31 GMT

GET
H2 200 facebook-medium.png
i1.wp.com/www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 1 KB
1 KB 53ms
14ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/facebook-medium.png?ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e139f405167783a417ee19c7635b2921bb0c67a40464af2986ae4c673b245ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Wed, 24 Apr 2019 13:46:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 1440
last-modified: Tue, 19 Feb 2019 17:44:31 GMT
server: nginx
etag: "2e17644c15b2ed08"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/facebook-medium.png>; rel="canonical"
content-length: 1158
expires: Fri, 19 Feb 2021 05:44:31 GMT

GET
H2 200 pinterest-medium.png
i0.wp.com/www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 1 KB
1 KB 54ms
14ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/pinterest-medium.png?ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

4b202fc39cdb9409f72ca54f2ab36d88e5c2b9561b17103f006f5ee4ecbdeb38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 24 Apr 2019 13:46:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 1860
last-modified: Tue, 19 Feb 2019 17:44:31 GMT
server: nginx
etag: "748b1b8e853d0de7"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/pinterest-medium.png>; rel="canonical"
content-length: 1318
expires: Fri, 19 Feb 2021 05:44:31 GMT

GET
H2 200 logo_transparent.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/ 18 KB
18 KB 71ms
68ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/logo_transparent.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ae559502a1a0ec542557b315daf48cee77071f5cba0975c7336d42cb97fd54

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/logo_transparent.png
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 18362
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: "5c0af426-47ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4cc885930d0c6b7f-LHR
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/ 12 KB
4 KB 15ms
12ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2019 11:04:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cbef12c-2ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4cc88592ecbdbeda-FRA
expires: Fri, 26 Apr 2019 13:46:09 GMT

GET
H2 200 social-links.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/ 66 KB
66 KB 35ms
34ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/social-links.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

33adf855a03023a767d54515b2613df379f9f656427ecdf28b57036a57715f0e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/social-links.png
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.43
:scheme: https
:method: GET
Referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 67734
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: "5c0af426-10896"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4cc885939d6b6b7f-LHR
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v13/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v13/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat|Oswald:400,700
Origin: https://www.onmsft.com

Response headers

date: Mon, 25 Mar 2019 20:19:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:05:58 GMT
server: sffe
age: 2568371
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:58 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v17/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c7bdbbdc5796065794e3ffcfdd995fd7a43c618e3a56707e133f72f5ca57cd1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat|Oswald:400,700
Origin: https://www.onmsft.com

Response headers

date: Wed, 27 Mar 2019 21:02:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Mar 2019 20:57:24 GMT
server: sffe
age: 2392995
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9380
x-xss-protection: 1; mode=block
expires: Thu, 26 Mar 2020 21:02:54 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/fonts/ 18 KB
18 KB 38ms
38ms Font
application/octet-stream 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/fonts/glyphicons-halflings-regular.woff2
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
origin: https://www.onmsft.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/css/bootstrap.min.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/css/bootstrap.min.css
Origin: https://www.onmsft.com

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 18028
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: "5c0af426-466c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 4cc885939d726b7f-LHR
expires: Wed, 24 Apr 2019 16:46:09 GMT

GET
H2 200 e-201917.js Show response
stats.wp.com/ 9 KB
3 KB 78ms
15ms Script
application/x-javascript 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-201917.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 19 Apr 2020 11:38:35 GMT

GET
H/1.1 200
OK embed.js Show response
winbeta.disqus.com/ 65 KB
22 KB 148ms
39ms Script
application/javascript 151.101.120.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://winbeta.disqus.com/embed.js?ver=5.1.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

openresty /

Resource Hash

126a9babed80863a7d4bb61492391e41e38b91616ccfb288f6e52127952ed8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
Server: openresty
Age: 5
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21846

GET
H2 200 wp-embed.min.js Show response
www.onmsft.com/wp-includes/js/ 1 KB
797 B 47ms
40ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-includes/js/wp-embed.min.js?ver=5.1.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.1.1
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Oct 2018 04:00:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5bbecad7-57b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddbf6b7f-LHR
x-xss-protection: 1; mode=block
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 81ms
19ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201917
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT ams 32
date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: gzip
server: nginx
etag: W/"5841a56f-52b6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 3.ams _dfw
expires: Mon, 20 Apr 2020 04:31:36 GMT

GET
H2 200 jquery.fitvids.js Show response
www.onmsft.com/wp-content/plugins/fitvids-for-wordpress/ 2 KB
1 KB 47ms
40ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/fitvids-for-wordpress/jquery.fitvids.js?ver=1.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eed854d2588f3afad208a8b8e5d6bd957d7489b876157239ea35ead4fff3efae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fitvids-for-wordpress/jquery.fitvids.js?ver=1.1
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=3803
status: 200
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Dec 2018 15:57:52 GMT
server: cloudflare
etag: W/"5c24f680-edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Sat, 21 Apr 2029 13:46:09 GMT
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddc26b7f-LHR
cf-bgj: minify

GET
H2 200 comment_count.js Show response
www.onmsft.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
418 B 49ms
43ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=889
status: 200
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2019 14:07:09 GMT
server: cloudflare
etag: W/"5c82770d-379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Sat, 21 Apr 2029 13:46:09 GMT
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddc36b7f-LHR
cf-bgj: minify

GET
H2 200 mpp-frontend.min.js Show response
www.onmsft.com/wp-content/plugins/metronet-profile-picture/js/ 326 B
259 B 48ms
41ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.min.js?ver=2.1.3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd605490efded6afa1551c643fdb396e4118ca4c39c02539da543ba7ed0216e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/metronet-profile-picture/js/mpp-frontend.min.js?ver=2.1.3
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Feb 2019 02:24:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c6f5d43-146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddc46b7f-LHR
x-xss-protection: 1; mode=block
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 photon.min.js Show response
www.onmsft.com/wp-content/plugins/jetpack/_inc/build/photon/ 580 B
452 B 47ms
41ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5fa487416676288b5e92b1530f85fbc61d2875f4a74926affa77be11223cfe9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2019 15:06:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ca76ed9-244"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddc56b7f-LHR
x-xss-protection: 1; mode=block
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 88572X1541654.skimlinks.js Show response
s.skimresources.com/js/ 54 KB
20 KB 117ms
30ms Script
application/octet-stream 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4adc13921b378d59dc1567dbf768ffb04377ace6d2c7fd01dfd950db9dd6d1c

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: gzip
last-modified: Wed, 24 Apr 2019 08:15:46 GMT
server: AmazonS3
x-amz-request-id: F1F4D2006B5AD2B8
etag: "3adef90fb2c47c991e4027f92aae3b4e"
x-hw: 1556113569.cds044.lo4.hn,1556113569.cds068.lo4.c
content-type: application/octet-stream
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20380
x-amz-id-2: mb0LDhKBkB3vdHMLgrmA20LVcHqanAu96hSwB4G5ykNsMdjUAdjK37drVCFPm6dSUffUutpBQ04=

GET
H2 200 msft.js Show response
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/ 2 KB
675 B 48ms
41ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/msft.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27fc9a45b9993bc868b14bb28533cf5def1b13051b0839b032685ef731b07fbc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/js/msft.js
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=2722
status: 200
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: W/"5c0af426-aa2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Sat, 21 Apr 2029 13:46:09 GMT
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddc76b7f-LHR
cf-bgj: minify

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 71ms
11ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40FD) /
Resource Hash: 460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
Server: ECS (fcn/40FD)
Etag: "4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28028

GET
H2 200 wpp-4.2.0.min.js Show response
www.onmsft.com/wp-content/plugins/wordpress-popular-posts/public/js/ 1 KB
577 B 47ms
41ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/wordpress-popular-posts/public/js/wpp-4.2.0.min.js?ver=4.2.2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fd7bfa229eec86e2b02fdcf85e49e5b2699a2d9cd53ee36b4df53513d1da1f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wordpress-popular-posts/public/js/wpp-4.2.0.min.js?ver=4.2.2
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Jan 2019 04:26:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c31835b-47b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddc86b7f-LHR
x-xss-protection: 1; mode=block
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 01:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4017581
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 33951
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 01:46:28 GMT

GET
H2 200 onmsft.com.js Show response
cdn.nsstatic.com/ns/ 257 KB
80 KB 106ms
23ms Script
application/javascript 23.38.55.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.55.104 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-55-104.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 324f33bcba4bca3e62e5d0e7cda4011ef5ad7d3756b3f475bc9b23463fab644f

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: BcGO6f0X.M2e.ko3c6Nvdl2RisRwz0PR
content-encoding: gzip
last-modified: Wed, 24 Apr 2019 11:18:23 GMT
x-amz-request-id: BE964F2433643C7F
date: Wed, 24 Apr 2019 13:46:09 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1595
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-amz-id-2: FCUDOK9QgDooyYL7uf/ldvb2B+dVXmunSZaHqpw41a7cLoPgYIJgIgJ+orCuQ2dD8aLK81p4KxA=
expires: Wed, 24 Apr 2019 14:12:44 GMT

GET
H2 404 socialite.min.js
www.onmsft.com/news/wp-content/themes/s10/js/ 0
0 44ms
40ms Script
text/html 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmsft.com/news/wp-content/themes/s10/js/socialite.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /news/wp-content/themes/s10/js/socialite.min.js
pragma: no-cache
cookie: more_page=1; more_page_author=1; __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 404
cache-control: public, max-age=10800
cf-ray: 4cc88593ddc96b7f-LHR
expires: Wed, 24 Apr 2019 16:46:09 GMT

GET
H2 200 lazysizes.min.js Show response
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/ 6 KB
3 KB 46ms
42ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/lazysizes.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

14815d3ad86f0839b16208a0d832d3695822c6d9bb9fc242b946cecad46799a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/js/lazysizes.min.js
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 2019 16:41:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c2b981c-1934"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddca6b7f-LHR
x-xss-protection: 1; mode=block
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 bootstrap.min.js Show response
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/ 36 KB
9 KB 46ms
42ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/bootstrap.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed60479e079b9e6d5280c6fdd11636fd55a11ebf935bd8dc09c6c66eb77bb3da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/js/bootstrap.min.js
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 2019 16:40:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c2b981b-91d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddcb6b7f-LHR
x-xss-protection: 1; mode=block
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 jquery.min.js Show response
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/ 94 KB
32 KB 46ms
43ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/js/jquery.min.js
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 2019 16:41:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c2b9823-176d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4cc88593ddcd6b7f-LHR
x-xss-protection: 1; mode=block
expires: Sat, 21 Apr 2029 13:46:09 GMT

GET
H2 200 jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4 Show response
chickensstation.com/v2/0/ 68 KB
21 KB 336ms
260ms Script
application/javascript 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 32f686a53d5d20bea5490ebac8375c554600c6078144fc2aa661c2c70b1d7e0e

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-datacenter: gce-europe-west3
etag: b0ecef08949bda6df1d62785c6d351200d500ae028789bea0408f8a1ccc31e85
vary: Accept-Encoding
x-hostname: mona
content-type: application/javascript
status: 200
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *

GET
H2 404 socialite.min.js
www.onmsft.com/news/wp-content/themes/s10/js/ 0
0 42ms
41ms Script
text/html 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmsft.com/news/wp-content/themes/s10/js/socialite.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /news/wp-content/themes/s10/js/socialite.min.js
pragma: no-cache
cookie: more_page=1; more_page_author=1; __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:09 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 404
cache-control: public, max-age=10800
cf-ray: 4cc885945e606b7f-LHR
expires: Wed, 24 Apr 2019 16:46:09 GMT

POST
H2 200 / Show response
www.onmsft.com/wp-json/wordpress-popular-posts/v1/popular-posts/ 43 B
568 B 661ms
660ms XHR
application/json 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-json/wordpress-popular-posts/v1/popular-posts/

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/wp-content/plugins/wordpress-popular-posts/public/js/wpp-4.2.0.min.js?ver=4.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff791d444bc4e71c6ac058a5e73177fcd3b79472576339d33cb6b19cc9195a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-json/wordpress-popular-posts/v1/popular-posts/
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569
origin: https://www.onmsft.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
content-length: 62
:method: POST
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
x-xss-protection: 1; mode=block
access-control-allow-headers: Authorization, Content-Type
allow: GET, POST
server: cloudflare
x-wp-nonce: 13ad26896b
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
access-control-allow-credentials: true
set-cookie: more_page=1; expires=Thu, 25-Apr-2019 13:46:10 GMT; Max-Age=86400 more_page_author=1; expires=Thu, 25-Apr-2019 13:46:10 GMT; Max-Age=86400
cf-ray: 4cc885949eb66b7f-LHR
link: <https://www.onmsft.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 823
date: Wed, 24 Apr 2019 13:32:27 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Wed, 24 Apr 2019 15:32:27 GMT

POST
H2

307

/ Show response
r.skimresources.com/api/
Redirect Chain

https://r.skimresources.com/api/
https://r.skimresources.com/api/?xguid=01D97SHE913FX1VSFJTA4FGR3R&persistence=1&checksum=4dbfb487bea3fbbbaa715fb416ee3c3662f7cfdc71685ef24a8cd4389e29b33e

0
-1 B

80ms
26ms

XHR
text/html

35.190.59.101
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://r.skimresources.com/api/?xguid=01D97SHE913FX1VSFJTA4FGR3R&persistence=1&checksum=4dbfb487bea3fbbbaa715fb416ee3c3662f7cfdc71685ef24a8cd4389e29b33e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 101.59.190.35.bc.googleusercontent.com
Software: openresty/1.11.2.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: null
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
via: 1.1 google
server: openresty/1.11.2.5
access-control-allow-origin: https://www.onmsft.com
location: //r.skimresources.com/api/?xguid=01D97SHE913FX1VSFJTA4FGR3R&persistence=1&checksum=4dbfb487bea3fbbbaa715fb416ee3c3662f7cfdc71685ef24a8cd4389e29b33e
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 307
access-control-allow-credentials: true
content-type: text/html
alt-svc: clear
content-length: 193

Redirect headers

date: Wed, 24 Apr 2019 13:46:10 GMT
via: 1.1 google
server: openresty/1.11.2.5
status: 307
location: //r.skimresources.com/api/?xguid=01D97SHE913FX1VSFJTA4FGR3R&persistence=1&checksum=4dbfb487bea3fbbbaa715fb416ee3c3662f7cfdc71685ef24a8cd4389e29b33e
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.onmsft.com
access-control-allow-credentials: true
content-type: text/html
alt-svc: clear
content-length: 193

GET
H2 200 px.gif
p.skimresources.com/ 43 B
495 B 65ms
29ms Image
image/gif 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=5.43459210929407
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
status: 200
x-guploader-uploadid: AEnB2Uon7kX8GRiYS6DnxdsGrGiNIVWgbCPvylectFv1K4u2FTtiWdwWyKZKIS1yyxHOnz2DmhHGvNeRrTSniHHlNAnDCFdyKw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1556113570.cds044.lo4.hn,1556113570.cds066.lo4.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
116 B 65ms
30ms Image
image/gif 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=5.43459210929407
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
status: 200
x-guploader-uploadid: AEnB2Uon7kX8GRiYS6DnxdsGrGiNIVWgbCPvylectFv1K4u2FTtiWdwWyKZKIS1yyxHOnz2DmhHGvNeRrTSniHHlNAnDCFdyKw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1556113570.cds044.lo4.hn,1556113570.cds066.lo4.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

GET
H/1.1 200
OK count.js Show response
winbeta.disqus.com/ 1 KB
1 KB 142ms
138ms Script
application/javascript 151.101.120.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://winbeta.disqus.com/count.js

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1113431
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 09 Apr 2019 23:50:33 GMT
Server: nginx
ETag: "5cad2fc9-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK geocc.js Show response
g.pcmag.com/ 184 B
323 B 57ms
6ms Script
application/javascript 2a02:26f0:6c00:19f::13b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://g.pcmag.com/geocc.js
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19f::13b2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Connection: keep-alive
Content-Length: 184
Content-Type: application/javascript

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 101ms
25ms Script
application/x-javascript 2.16.118.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.118.106 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-118-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Thu, 25 Apr 2019 13:46:10 GMT

GET
H2

200

z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/eu/js/
Redirect Chain

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

68 KB
21 KB

24ms
21ms

Script
application/javascript

2.19.45.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.45.224 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-45-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1f1581edceb3c5588e77849cdc625a6ab4a4839ae99b7ee71bc2180453d60532

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: agrHj5XecDQM6D5CwKSmSS3MLUkrNwJa
content-encoding: gzip
last-modified: Mon, 15 Apr 2019 15:59:34 GMT
x-amz-request-id: C7FEC068034FC6E8
date: Wed, 24 Apr 2019 13:46:10 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20680
x-amz-id-2: X8wC+Jpw6ZHNi9fvngPaueoNIFlDHFZR6EB0sBM6mXOvg+WJHS1rEzCs9ECNlxtVHwjKFg7Fut8=
expires: Wed, 24 Apr 2019 14:46:10 GMT

Redirect headers

status: 303
date: Wed, 24 Apr 2019 13:46:10 GMT
cache-control: max-age=3600
core-eu: Yes
content-length: 0
location: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
expires: Wed, 24 Apr 2019 14:46:10 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-us.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

67ms
7ms

Script
text/javascript

2600:9000:200c:7200:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:7200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: V6f0f8aPs4uc7kiNd9V1rxWOPadm6KHc
content-encoding: gzip
last-modified: Wed, 27 Mar 2019 02:17:52 GMT
server: AmazonS3
age: 67071
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=86400
date: Tue, 23 Apr 2019 19:09:07 GMT
x-amz-cf-id: AjetsV-6hDzpx14Lt15VRq0D7LdV23IMKvsH3VPJkWE65tY0C3BK0w==
via: 1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)

Redirect headers

status: 301
date: Wed, 24 Apr 2019 13:46:10 GMT
server: awselb/2.0
content-length: 150
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-type: text/html

GET
H2 200 nsgpt.jsonp Show response
ns.zdbb.net/ 190 B
437 B 205ms
166ms Script
application/javascript 23.38.55.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ns.zdbb.net/nsgpt.jsonp?u=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.55.104 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-55-104.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aefd9e79e2f49d0eae553325504d34b3a80a33bd9fcdbd19e521271462b55601

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
access-control-allow-origin: https://www.onmsft.com
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
status: 200
cache-control: max-age=59
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 176
expires: Wed, 24 Apr 2019 13:47:09 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 31 KB
10 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

16789c63d93551d05463d71ba1aeac56c7591a8dff65c12f6eadc26bd4c43b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "145 / 919 of 1000 / last-modified: 1556046321"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10515
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:10 GMT

GET
H2 200 tag.js Show response
native.sharethrough.com/assets/ 374 KB
108 KB 90ms
18ms Script
application/javascript 13.35.253.26
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/tag.js
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.26 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-26.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5aa877a3dffa69ab80782fb9d5f5510a00e90b174ac5280e930fe30a680353a8

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:45:48 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2019 17:45:21 GMT
server: AmazonS3
age: 41
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-id: guRhdMjzZL8_TR_qErftonafP-2i5j-WMA6KjsyN2BmnoLYWFzDVQg==
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
expires: Tue, 23 Apr 2019 18:45:19 GMT

GET
H2 200 /
gurgle.zdbb.net/ 43 B
238 B 226ms
124ms Image
image/gif 2.19.45.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gurgle.zdbb.net/?domain=netshelter.net
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.45.224 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-45-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
access-control-allow-origin: https://www.onmsft.com
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
status: 200
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 43

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=910795860&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-acc...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71939551-1&cid=826852857.1556113570&jid=659752292&_gid=762646086.1556113570&gjid=402798866&_v=j73&z=370494348

35 B
102 B

27ms
19ms

Image
image/gif

2a00:1450:400c:c0a::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71939551-1&cid=826852857.1556113570&jid=659752292&_gid=762646086.1556113570&gjid=402798866&_v=j73&z=370494348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 24 Apr 2019 13:46:10 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:10 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71939551-1&cid=826852857.1556113570&jid=659752292&_gid=762646086.1556113570&gjid=402798866&_v=j73&z=370494348
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 15ms
14ms Image
image/gif 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=910795860&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&ul=en-us&de=UTF-8&dt=Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20OnMSFT.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAEAB~&jid=1932312216&gjid=1510656098&cid=826852857.1556113570&tid=UA-46557023-13&_gid=762646086.1556113570&_r=1&z=1165698202

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Screenshot-2019-04-15-at-15.54.06.png
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/04/ 34 KB
35 KB 33ms
23ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/04/Screenshot-2019-04-15-at-15.54.06.png?fit=945%2C580&ssl=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

bc74b03d39709f9cebe84c29501bedba890198e549c12c43cd977ab94d530727

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 24 Apr 2019 13:46:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 189342
last-modified: Mon, 15 Apr 2019 14:10:28 GMT
server: nginx
etag: "c59335fa50a33900"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/04/Screenshot-2019-04-15-at-15.54.06.png>; rel="canonical"
content-length: 35166
expires: Thu, 15 Apr 2021 02:10:28 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 173 B
473 B 34ms
32ms XHR
application/json 35.190.59.101
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?xguid=01D97SHE913FX1VSFJTA4FGR3R&persistence=1&checksum=4dbfb487bea3fbbbaa715fb416ee3c3662f7cfdc71685ef24a8cd4389e29b33e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

932c6a7798bd1865809904d4d9c5d748ef845a0abe4abc51ef45d4d132c4fad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
status: 200
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.onmsft.com
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

GET
H2 200 lounge.694ea7181ea49f1ce306dfc00c532f53.css
c.disquscdn.com/next/embed/styles/ 104 KB
20 KB 84ms
13ms Stylesheet
text/css 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.694ea7181ea49f1ce306dfc00c532f53.css

Requested by

Host: winbeta.disqus.com
URL: https://winbeta.disqus.com/embed.js?ver=5.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b73336a70c8e2b73cd8e349c54db26910f6f1c51be47806790252b72587ebf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4cc88595dc2997d4-FRA
status: 200
vary: Accept-Encoding
content-length: 19687
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Apr 2019 22:19:57 GMT
server: cloudflare
etag: "5cad1a8d-4ce7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Apr 2020 22:26:48 GMT

GET
H2 200 common.bundle.2b6bb3725200b8d992a8cb9c288952d3.js Show response
c.disquscdn.com/next/embed/ 243 KB
81 KB 84ms
14ms Script
application/javascript 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2b6bb3725200b8d992a8cb9c288952d3.js

Requested by

Host: winbeta.disqus.com
URL: https://winbeta.disqus.com/embed.js?ver=5.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e73035342ef69a696cf2e1ddda0c23b03e39d415307cfed23c75e8899e38f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4cc88595dc2c97d4-FRA
status: 200
vary: Accept-Encoding
content-length: 82964
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Apr 2019 18:37:48 GMT
server: cloudflare
etag: "5cb0dafc-14414"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Apr 2020 19:58:23 GMT

GET
H2 200 lounge.bundle.e04d6946f2fad54035486025e9a4979a.js Show response
c.disquscdn.com/next/embed/ 392 KB
101 KB 88ms
17ms Script
application/javascript 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.e04d6946f2fad54035486025e9a4979a.js

Requested by

Host: winbeta.disqus.com
URL: https://winbeta.disqus.com/embed.js?ver=5.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc326a932512b85b357a85eff7a4d53ba307b8f98dda12d03e5f093d35f1fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4cc88595dc2d97d4-FRA
status: 200
vary: Accept-Encoding
content-length: 103289
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Apr 2019 23:05:14 GMT
server: cloudflare
etag: "5cba542a-19379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Apr 2020 21:54:29 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ 5 KB
3 KB 73ms
14ms Script
application/javascript 151.101.128.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: winbeta.disqus.com
URL: https://winbeta.disqus.com/embed.js?ver=5.1.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

cfa07d11153ad01808256f0869fb00c4b1d3999f2ad31d563271410d2bee804c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 39
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 2121
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin: *

GET
H/1.1 200
OK widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame E10F 0
0 22ms
10ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.onmsft.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AB) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 24 Apr 2019 13:46:10 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 07 Mar 2019 17:39:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AB)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js Show response
platform.twitter.com/js/ 24 KB
8 KB 26ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4186) /
Resource Hash: e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:15 GMT
Server: ECS (fcn/4186)
Etag: "da3e8002f83d92efe615008a56f12f48+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7925

GET
H/1.1 200
OK tweet.2b7769d244a8dfeb3ab9d97583412dec.js Show response
platform.twitter.com/js/ 18 KB
6 KB 37ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.2b7769d244a8dfeb3ab9d97583412dec.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EA) /
Resource Hash: 9c6ea1ab4588c0be7dc9cb629aa641415dd91acaea7084de6921a7ffa2299bfb

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:15 GMT
Server: ECS (fcn/40EA)
Etag: "20fa27831d8703b8d33a11abad368f93+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6038

GET
H2 200 iab Show response
api.skimlinks.mgr.consensu.org/ 772 B
636 B 93ms
30ms XHR
application/json 35.190.40.172

General

Check archive.org

Show headers Download Go to

Full URL

https://api.skimlinks.mgr.consensu.org/iab

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.40.172 Mountain View, United States, ASN (),

Reverse DNS

172.40.190.35.bc.googleusercontent.com

Software

nginx/1.14.0 /

Resource Hash

4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.14.0
access-control-allow-headers: *
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.onmsft.com
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 22ms
15ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.2.1&blog=144796107&post=170911&tz=-7&srv=www.onmsft.com&host=www.onmsft.com&ref=&fcp=554&rand=0.6010628863617531
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 24 Apr 2019 13:46:10 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 200 / Show response
r.skimresources.com/api/ 130 B
390 B 29ms
28ms XHR
application/json 35.190.59.101
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

1aa7dbc2f1636d646cbd2998a329c5bddfcb0e87d83aac407c29e86f79f397f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
status: 200
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.onmsft.com
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 21ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 21ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ 149 KB
54 KB 120ms
48ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

f73a8628a54324892b4544c30158e8c510a3245056973a3bcd31fe39455af87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55471
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:10 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036316&ns__t=1556113570248&ns_c=UTF-8&cv=3.1&c8=Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1556113570248&ns_c=UTF-8&cv=3.1&c8=Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had...

0
248 B

27ms
26ms

Image
text/plain

2.16.118.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1556113570248&ns_c=UTF-8&cv=3.1&c8=Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.118.106 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-118-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1556113570248&ns_c=UTF-8&cv=3.1&c8=Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&c9=
Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
123 B 140ms
140ms Image
image/gif 104.244.42.136
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?dnt=1&l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1556113570262%2C%22dnt%22%3Atrue%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 109
pragma: no-cache
last-modified: Wed, 24 Apr 2019 13:46:10 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3d86f83d34c304277c6e7f7b8895f482
x-transaction: 003077a9004c03f5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame D354 0
0 175ms
167ms Document
text/html 151.101.128.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=winbeta&t_i=winbeta-170911&t_u=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&t_e=Outlook.com%20was%20hacked%2C%20and%20it%27s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content&t_d=%20Outlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20&t_t=Outlook.com%20was%20hacked%2C%20and%20it%27s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content&s_o=default

Requested by

Host: winbeta.disqus.com
URL: https://winbeta.disqus.com/embed.js?ver=5.1.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 15 Apr 2019 14:10:25 GMT
ETag: W/"lounge:view:7359082732.89c142f5d3484520ca99d1a40ad3d112.2"
Content-Encoding: gzip
Content-Length: 2853
Date: Wed, 24 Apr 2019 13:46:10 GMT
Age: 0
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK /
disqusads.com/ads-iframe/prebid/ Frame B549 0
0 224ms
169ms Document
text/html 151.101.192.233
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://disqusads.com/ads-iframe/prebid/?serverbid=0&experiment=links_comes_with_video_holdback&safetylevel=30&variant=fallthrough&aol=0&thumbnails_allowed=1&display_only=0&forum_pk=271420&position=top&shortname=winbeta&appnexus=1&category=tech&polymorph=0&display_bidding_enabled=1&stories_allowed=1&service=dynamic&forum_shortname=winbeta&display_allowed=1&video_allowed=0&provider=prebid&adx=0&t=1556113564&rubicon=1&sandbox_display=1&links_allowed=1&doublewide_allowed=1&criteo=1&openx=0&anchorColor=%23197278&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&disqus_version=bd8ed9f
Requested by: Host: winbeta.disqus.com
URL: https://winbeta.disqus.com/embed.js?ver=5.1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.233 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Host: disqusads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

Server: openresty
Content-Type: text/html; charset=utf-8
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Content-Length: 5249
Date: Wed, 24 Apr 2019 13:46:10 GMT
Age: 0
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
229 B 269ms
160ms Image
image/gif 151.101.120.134
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://referrer.disqus.com/juggler/event.gif?imp=5kqcog91p9eb6u&experiment=links_comes_with_video_holdback&variant=fallthrough&service=dynamic&area=top&product=embed&forum=winbeta&zone=thread&version=d5dbec62496d960a18509c4fcbad403e&page_url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&page_referrer=&object_type=provider&provider=prebid&event=activity&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Alinks_comes_with_video_holdback%3Afallthrough&object_id=prebid&section=default&verb=call&adjective=1&forum_id=271420
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tweets.json Show response
cdn.syndication.twimg.com/ 13 KB
3 KB 222ms
164ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1117557557051166721&lang=en&suppress_response_codes=true&theme=light&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_f /

Resource Hash

b0b58d220721ed39431995073d5b7088f6b949cfa910902176e7fe680d14f92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 3003
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 139
last-modified: Wed, 24 Apr 2019 13:46:10 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=60
x-connection-hash: d4ef38a032d250018d2b9ffebda952c4
timing-allow-origin: *
x-transaction: 00538af90000ef27
expires: Wed, 24 Apr 2019 13:47:10 GMT

GET
H2

200

/
p.skimresources.com/ Frame 5C3A
Redirect Chain

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=${profile_id}
https://p.skimresources.com/?provider_id=%24%7Bprofile_id%7D&skim_mapping=true

43 B
223 B

37ms
34ms

Image
image/gif

151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=%24%7Bprofile_id%7D&skim_mapping=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
status: 200
x-guploader-uploadid: AEnB2UrXa0lGLN1a9rVwM8OM5-1y6tgK9de1Oh_KELpduWjc3P3Mye2KZCePgBX7UyJeh8J9AwfeX8iW45GrIxrmESI5DuWcPg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1556113570.cds044.lo4.hn,1556113570.cds092.lo4.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=%24%7Bprofile_id%7D&skim_mapping=true
Date: Wed, 24 Apr 2019 13:46:10 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 info Show response
gurgle.zdbb.net/ 67 B
266 B 102ms
102ms XHR
application/json 2.19.45.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.45.224 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-45-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f937d132f32904c462b805ca52cb60c82f05475e9c9a3e1bf1a186ff7bcf296

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.onmsft.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 67

GET
H/1.1 200
OK check Show response
walker.zdbb.net/ 5 B
335 B 108ms
14ms XHR
text/html 23.38.55.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://walker.zdbb.net/check?href=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.55.104 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-55-104.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.onmsft.com
Cache-Control: max-age=75555
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
1 KB 20ms
15ms Script
application/javascript 2.19.45.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.45.224 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-45-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: vOX6Fw__bn2WMpCSSd.iHWJcvkTqgTSa
last-modified: Mon, 15 Apr 2019 15:59:34 GMT
x-amz-request-id: 3E8257011E618836
date: Wed, 24 Apr 2019 13:46:10 GMT
content-type: application/javascript
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 844
x-amz-id-2: 65xerlGmEf4oqWhjkaYXs5EB9Lg2Yio+5DpL3tgXkdPvyp9XwSx0xGueuAtneeBEpdnY4hme2sc=
expires: Wed, 01 May 2019 13:46:10 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 31 KB
10 KB 86ms
20ms Script
text/javascript 184.31.90.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bkrtx.com/js/bk-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.128 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-90-128.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jul 2018 20:07:28 GMT
Server: Apache
ETag: "3160052-7a94-571b031e6f476"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10358
Expires: Wed, 01 May 2019 13:46:10 GMT

GET
H2 200 krux-coretag.js Show response
cdn.static.zdbb.net/js/ 335 B
625 B 18ms
14ms Script
application/javascript 2.19.45.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.45.224 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-45-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: bZm0IrGbG8Tgqeap2ZPMITboJKpFmlQD
last-modified: Mon, 15 Apr 2019 15:59:33 GMT
x-amz-request-id: E98677FF1CBB34B0
date: Wed, 24 Apr 2019 13:46:10 GMT
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 335
x-amz-id-2: SN+45zrwxpngxkme9CXrQ700TmlyEuCOH2t+sG6khoiKaoiB7H11Je8aRvTn0T8idr1NxlTAaBg=
expires: Wed, 24 Apr 2019 14:46:10 GMT

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
262 B 145ms
40ms Image
image/gif 52.210.77.107
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pagview_id=585a0279-c34f-4236-98d4-099d8ae17744&zd_location=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&evidon_consent=undefined&third_party_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.77.107 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-210-77-107.eu-west-1.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:10 GMT
server: Ziff Davis BuyerBase
access-control-allow-origin: *
p3p: CP="ALL DSP COR NID"
status: 200
cache-control: No-Cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
expires: 0

GET
H2 200 xwau_JEHsktceHtM3Wq0E5ylZf4Vn0kW3DV8hm02x8rW5CP2w58YrFqTRwyycpk3D36P86VOq0 Show response
dapperfloor.com/v2/0/ 114 KB
35 KB 128ms
64ms Script
application/javascript 35.201.98.64
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://dapperfloor.com/v2/0/xwau_JEHsktceHtM3Wq0E5ylZf4Vn0kW3DV8hm02x8rW5CP2w58YrFqTRwyycpk3D36P86VOq0
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.98.64 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 64.98.201.35.bc.googleusercontent.com
Software: /
Resource Hash: a2f78a983f41c7e84b1d92dade3d0e1da1fd2533d9f4717d390f42defd1e6f30

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-datacenter: gce-europe-west3
etag: 689ba6957105ffe1192e6d572c7d76ad7cdd23b37c10f0ae268a65c134945d56
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/javascript
status: 200
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
x-hostname: mona
timing-allow-origin: *
access-control-allow-origin: *

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK spgdj7g8u.js Show response
cdn.krxd.net/controltag/ 5 KB
3 KB 78ms
15ms Script
text/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 3149de0e6c9bb62c85ba02a5a6793679fff9817b9ec35dcaaea8110ccd453d95

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Config_Service_V3
Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
Age: 611
X-Cache: MISS, HIT, HIT
X-Request-Backend: krux_scala_config_webservice
X-App-Cache: HIT
Connection: keep-alive
Content-Length: 1889
X-Served-By: config-service-a003.krxd.net, cache-iad2120-IAD, cache-hhn1525-HHN
X-Response-Time: 1
Accept-Ranges: bytes
X-Do-Esi: esi
X-Timer: S1556113570.498312,VS0,VE0
ETag: "318f0e032fb63fe109f731685f49c79afedf5ccb"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=1200
X-Age: 0
X-Cache-Hits: 0, 1, 80

GET
H/1.1 200
OK 30629
stags.bluekai.com/site/ Frame 692C 0
0 391ms
389ms Document
text/html 104.111.241.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Donmsft.com&phint=referer%3Dhttps%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&phint=bbseg%3D&phint=__bk_t%3DOutlook.com%20was%20hacked%2C%20and%20it%E2%80%99s%20worse%20than%20expected%20as%20hackers%20also%20had%20access%20to%20some%20email%20content%20OnMSFT.com&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&limit=10&r=97453291
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.241.32 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-241-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 2d49
Date: Wed, 24 Apr 2019 13:46:10 GMT
Connection: keep-alive
X-N: S

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 1 KB
2 KB 136ms
48ms XHR
application/json 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=7529&slot=%7Bid:nsgpt-billboard-1,ss:%5B728.90,997.123,970.250,970.180,970.90%5D,p:/4585/ns.onmsft/general,t:display%7D&slot=%7Bid:nsgpt-rectangle-1,s:300.250,p:/4585/ns.onmsft/general,t:display%7D&slot=%7Bid:nsgpt-footer-1,ss:%5B970.90,728.90,997.123%5D,p:/4585/ns.onmsft/general,t:display%7D&slot=%7Bid:nsgpt-oop-footer,s:1.1,p:/4585/ns.onmsft/general,t:display%7D&slot=%7Bid:nsgpt-oop-stitials,s:1.1,p:/4585/ns.onmsft/general,t:display%7D&slot=%7Bid:nsgpt-oop-inpage,s:1.1,p:/4585/ns.onmsft/general,t:display%7D&slot=%7Bid:nsgpt-oop-skin,s:1.1,p:/4585/ns.onmsft/general,t:display%7D&slot=%7Bid:nsgpt-oop-inline,s:1.1,p:/4585/ns.onmsft/general,t:display%7D&slot=%7Bid:nsgpt-oop-masthead,s:1.1,p:/4585/ns.onmsft/general,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=9e0d0797-5b2a-8a29-85d8-f371a8c3b88c&url=https%253A%252F%252Fwww.onmsft.com%252Fnews%252Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: d59ec5391f2871628f32a827276c03a77c92b0544b3ac39c467b522c6f3f5aaf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
X-Server-Name: app06ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.onmsft.com
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 Aixlhp Show response
ad.doubleclick.net/ddm/adj/Brwj/ 11 B
170 B 30ms
26ms Script
text/javascript 216.58.207.38
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Brwj/Aixlhp

Requested by

Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK controltag.js.9791902f4f5b02b08a4a694e7fe1b073 Show response
cdn.krxd.net/ctjs/ 248 KB
80 KB 19ms
16ms Script
application/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.9791902f4f5b02b08a4a694e7fe1b073
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: b5e12dc14776a9d715f1c5b473ee43e07451bd2cc7e345118d02f6aff76e663d

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
Age: 626697
X-Cache: HIT
Connection: keep-alive
Content-Length: 80913
X-Served-By: cache-hhn1525-HHN
Last-Modified: Mon, 15 Apr 2019 16:02:27 GMT
X-Timer: S1556113571.554759,VS0,VE0
ETag: "9791902f4f5b02b08a4a694e7fe1b073"
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Thu, 12 Apr 2029 16:02:26 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
X-Cache-Hits: 2112998

GET
H2 200 tPBVpjUr
pbs.twimg.com/card_img/1120094957249937414/ 22 KB
23 KB 68ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1120094957249937414/tPBVpjUr?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DC) /

Resource Hash

2c42fa2e7556fc5f1623541869c2d1196760e112f9ef020bcce572e0b4ed67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 177
date: Wed, 24 Apr 2019 13:46:10 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/5 card_img/1120094957249937414
last-modified: Sun, 21 Apr 2019 22:38:22 GMT
server: ECS (fcn/40DC)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3edae10b8e2c036f1ed504af9c248f3a
accept-ranges: bytes
content-length: 22821

GET
H/1.1 200
OK tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/ 54 KB
13 KB 15ms
13ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash: c139b8dd7b1ccda2813ae79d127d1c0256f91a71fce5581887a1d5fbbca81bde

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:11 GMT
Server: ECS (fcn/41A3)
Etag: "ae6fef09ef216879adf6be6beb2522ea+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12323

GET
H/1.1 200
OK tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/ 54 KB
54 KB 15ms
12ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:11 GMT
Server: ECS (fcn/41A3)
Etag: "ae6fef09ef216879adf6be6beb2522ea+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12323

GET
H2 200 portal.html
admiral.mgr.consensu.org/ Frame 4291 0
0 128ms
22ms Document
text/html 35.201.117.115
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://admiral.mgr.consensu.org/portal.html
Requested by: Host: dapperfloor.com
URL: https://dapperfloor.com/v2/0/xwau_JEHsktceHtM3Wq0E5ylZf4Vn0kW3DV8hm02x8rW5CP2w58YrFqTRwyycpk3D36P86VOq0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.117.115 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 115.117.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: admiral.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
server: nginx
date: Wed, 24 Apr 2019 13:46:10 GMT
content-type: text/html
last-modified: Wed, 16 May 2018 16:27:21 GMT
vary: Accept-Encoding
x-hostname: jeremy
content-encoding: gzip
via: 1.1 google
alt-svc: clear

POST
H2 200 track.php Show response
t.skimresources.com/api/ 22 B
92 B 119ms
47ms XHR
application/javascript 35.201.67.47
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/track.php

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.67.47 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:10 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.onmsft.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

POST
H2 200 link Show response
t.skimresources.com/api/ 22 B
409 B 107ms
37ms XHR
application/javascript 35.201.67.47
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.67.47 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:10 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.onmsft.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame D3CF 0
0 7ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Sat, 09 Mar 2019 03:21:56 GMT
expires: Sun, 08 Mar 2020 03:21:56 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 4011854
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 Mkq3Fw_x_normal.jpg
pbs.twimg.com/profile_images/1111858358766706688/ 2 KB
2 KB 10ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1111858358766706688/Mkq3Fw_x_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

4405971d9a1b4f010f0fe21a7706dc781f4ca59ac1b536a91dd89d2a6e3154fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 118
date: Wed, 24 Apr 2019 13:46:10 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/5 profile_images/1111858358766706688
last-modified: Sat, 30 Mar 2019 05:09:04 GMT
server: ECS (fcn/4196)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f338ddd1e717d821d56e2cd13bef86e1
accept-ranges: bytes
content-length: 2187

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
7 KB 43ms
8ms Stylesheet
text/css 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
content-length: 6839
x-response-time: 11
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 76441194a5a76402a08adc9128e26708
accept-ranges: bytes
expires: Wed, 01 May 2019 13:46:10 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 43ms
9ms Image
text/css 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
content-length: 6839
x-response-time: 11
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 76441194a5a76402a08adc9128e26708
accept-ranges: bytes
expires: Wed, 01 May 2019 13:46:10 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 600 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK optout_check Show response
beacon.krxd.net/ 63 B
316 B 181ms
39ms Script
text/javascript 54.228.183.152
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.ziffdavis.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.9791902f4f5b02b08a4a694e7fe1b073
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.183.152 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-183-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5689f3d6640befe887d11fbdbe526ce4c8bbb16d7eefe0c15c4994484a2c8997

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:11 GMT
Cache-Control: private, max-age=0, s-max-age=0
X-Request-Time: D=76 t=1556113571
Connection: keep-alive
X-Served-By: beacon-n030-dub.krxd.net
Content-Length: 63
Content-Type: text/javascript

GET
H2

200

/
p.skimresources.com/ Frame 5C3A
Redirect Chain

https://x.skimresources.com/?provider=exelate
https://loadeu.exelator.com/load/?p=787&g=001&j=0&
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=0af9e182ac78c6aac84164de8c05036e
https://p.skimresources.com/?provider_id=0af9e182ac78c6aac84164de8c05036e&skim_mapping=true

43 B
166 B

31ms
30ms

Image
image/gif

151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=0af9e182ac78c6aac84164de8c05036e&skim_mapping=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:11 GMT
status: 200
x-guploader-uploadid: AEnB2UrXa0lGLN1a9rVwM8OM5-1y6tgK9de1Oh_KELpduWjc3P3Mye2KZCePgBX7UyJeh8J9AwfeX8iW45GrIxrmESI5DuWcPg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1556113571.cds044.lo4.hn,1556113571.cds092.lo4.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=0af9e182ac78c6aac84164de8c05036e&skim_mapping=true
Date: Wed, 24 Apr 2019 13:46:11 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK 03fdde25-725e-48c5-a12f-7573d4d3eb24 Show response
consumer.krxd.net/consent/get/ 237 B
613 B 1949ms
49ms Script
text/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/03fdde25-725e-48c5-a12f-7573d4d3eb24?idt=device&dt=kxcookie&callback=Krux.ns.ziffdavis.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.9791902f4f5b02b08a4a694e7fe1b073
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 830ce433f7ca55cc4225cf953b38d53f1912e4b8a28b88cd37a77dede506c993

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:12 GMT
Via: 1.1 varnish
Age: 0
X-Timer: S1556113573.791629,VS0,VE27
Vary: Accept-Encoding
X-Cache: MISS, MISS
Content-Type: text/javascript; charset=UTF-8
Cache-Control: max-age=1800
X-Cache-Hits: 0, 0
Connection: keep-alive
Accept-Ranges: bytes
Content-Encoding: gzip
X-Age: 0
Content-Length: 193
X-Served-By: consumer-a012-dub.krxd.net, cache-hhn1541-HHN

GET
H2 404 pubvendors.json Show response
www.onmsft.com/.well-known/ 31 KB
7 KB 644ms
641ms Fetch
text/html 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmsft.com/.well-known/pubvendors.json
Requested by: Host: dapperfloor.com
URL: https://dapperfloor.com/v2/0/xwau_JEHsktceHtM3Wq0E5ylZf4Vn0kW3DV8hm02x8rW5CP2w58YrFqTRwyycpk3D36P86VOq0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 466cf0e1c509bdc12e94455107dbc76ceb7dcebb86edf4a8adf29ad35d6ea539

Request headers

:path: /.well-known/pubvendors.json
pragma: no-cache
cookie: __cfduid=d7a9ebcb458bebc09126ccd15a59969451556113569; _ga=GA1.2.826852857.1556113570; _gid=GA1.2.762646086.1556113570; _gat=1; _gat_ns=1; geoCC=DE; h_zdbb=; kxziffdavis_visits=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
:scheme: https
:method: GET
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:11 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Cookie
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: more_page=1; expires=Thu, 25-Apr-2019 13:46:11 GMT; Max-Age=86400 more_page_author=1; expires=Thu, 25-Apr-2019 13:46:11 GMT; Max-Age=86400
cf-ray: 4cc8859a6cb06b7f-LHR
link: <https://www.onmsft.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 79 KB
15 KB 66ms
8ms Fetch
application/json 2600:9000:200c:9e00:1:af78:4c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: dapperfloor.com
URL: https://dapperfloor.com/v2/0/xwau_JEHsktceHtM3Wq0E5ylZf4Vn0kW3DV8hm02x8rW5CP2w58YrFqTRwyycpk3D36P86VOq0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:9e00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cf931522604c2fd9bb71b09f2dd9fba453d98d82751faa33240b26b983d4ac2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

x-amz-version-id: 08aPFHn5PHaD1pAthXGQkD3hBwbK58iF
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 60392
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 18 Apr 2019 16:00:19 GMT
server: AmazonS3
date: Tue, 23 Apr 2019 21:05:05 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
via: 1.1 7c2d73d3cd46e357090188fa2946f746.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-id: m4LYxHbcTZCzKbp3oOCxtCrkmy-1cV5Rn7zIHYbv0oBrd6cO_zl3NQ==

GET
H2 200 ziffdavis.json Show response
cdn-gl.imrworldwide.com/ci/ 262 B
796 B 650ms
593ms XHR
application/json 2600:9000:200c:2000:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/ci/ziffdavis.json
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:2000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f75ee8a760c4319b767725c06ad12a0f5291c38fe35e93cbe59c18f02fdc248

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

x-amz-version-id: ZCZNaymqNpuT8SENcY5lNAW3Z1X3Wv0I
via: 1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
etag: "1755ccfbfde3144d5444ccdbef529c66"
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 262
last-modified: Mon, 08 Apr 2019 19:02:13 GMT
server: AmazonS3
date: Wed, 24 Apr 2019 13:46:12 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400,s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: 0QxlMBciqhJ16ZAjfScpFrOoymwsGs7WR_sQfwugZO7fdjc9PzeIkw==

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1556113571101&ci=ziffdavis&js=1&cg=0&ts=krux-coretag.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com...
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1556113571101&ci=ziffdavis&js=1&cg=0&ts=krux-coretag.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com...

44 B
332 B

52ms
37ms

Image
image/gif

52.211.205.80
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1556113571101&ci=ziffdavis&js=1&cg=0&ts=krux-coretag.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&sr=1600x1200&ja=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.205.80 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-205-80.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:11 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:11 GMT
server: nginx
access-control-allow-origin: *
location: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1556113571101&ci=ziffdavis&js=1&cg=0&ts=krux-coretag.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&sr=1600x1200&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 302
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
229 B 152ms
151ms Image
image/gif 151.101.120.134
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://referrer.disqus.com/juggler/event.gif?imp=5kqcog91p9eb6u&experiment=links_comes_with_video_holdback&variant=fallthrough&service=dynamic&area=top&product=embed&forum=winbeta&zone=thread&version=d5dbec62496d960a18509c4fcbad403e&page_url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&page_referrer=&object_type=advertisement&provider=prebid&event=activity&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Alinks_comes_with_video_holdback%3Afallthrough&object_id=%5B160465%5D&section=default&verb=load&forum_id=271420
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:11 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 3719
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

8ms
8ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B1) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 24 Apr 2019 13:46:11 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B1)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Wed, 24 Apr 2019 13:46:11 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 24 Apr 2019 13:46:11 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: 3d86f83d34c304277c6e7f7b8895f482
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 111
x-transaction: 0069fee100b0b362
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
229 B 152ms
151ms Image
image/gif 151.101.120.134
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://referrer.disqus.com/juggler/stat.gif?event=cmp.present
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:11 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 arj Show response
ziffdavis-d.openx.net/w/1.0/ 174 B
661 B 314ms
223ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://ziffdavis-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=80c18ad8-dc6a-4937-acd7-879a8a45c561%2C4a0b785b-2faa-4de1-89bc-27826bfdc141%2C70e920a7-aee8-4d8e-b69b-d906bc4b5756&nocache=1556113571493&x_gdpr_f=1&aus=728x90%2C997x123%2C970x250%2C970x180%2C970x90%7C300x250%7C970x90%2C728x90%2C997x123&divIds=nsgpt-billboard-1%2Cnsgpt-rectangle-1%2Cnsgpt-footer-1&auid=540322690%2C540322690%2C540322690&
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: 509d321bf5ebfd2abb6e40c2844594317674d2d9e403e3fd95906a85cf11ed1f

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:11 GMT
content-encoding: gzip
server: OXGW/16.132.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.onmsft.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
903 B 189ms
146ms XHR
application/json 95.100.209.151
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=230303&v=7.2&r=%7B%22id%22%3A%225628cf68b439b7%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226f1f2d7fb22f52%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%227646279ee38223%22%2C%22banner%22%3A%7B%22w%22%3A997%2C%22h%22%3A123%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22997x123%22%7D%7D%2C%7B%22id%22%3A%2282084f16a282b5%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%22998db8fb87a4a8%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A180%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22970x180%22%7D%7D%2C%7B%22id%22%3A%2210243c9538c76fc%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%2211827afa7d3b7d%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22125f36fbf2e18f6%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%2213a0b346fbfe538%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2214a33d7cb9717cb%22%2C%22banner%22%3A%7B%22w%22%3A997%2C%22h%22%3A123%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22997x123%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.209.151 , Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-209-151.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6aeac9430126c9c8889adccde8821096139ac9946f962da1a49089fab5fd9208

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:11 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.onmsft.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Wed, 24 Apr 2019 13:46:11 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 373 B
1 KB 59ms
59ms XHR
application/json 37.252.173.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6e73f2421834662d82b43cbb91ecdd8310cdd727cc19f620f41410756ad13dda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Proxy-Origin: 185.216.33.6; 185.216.33.6; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.121:80
AN-X-Request-Uuid: 2f860cd8-637b-4f7d-bf76-bbdd7a65d399
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.onmsft.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 373
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 87ms
26ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 24 Apr 2019 13:46:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.onmsft.com

POST
H2 200 zap1hbYq0t9eVIO1Kd2hfJMEDkypWaqlPT4iScnC722vsSO9STmOqZ-vwcvohu6h-Ht6iEp Show response
chickensstation.com/v2/0/ 216 B
569 B 261ms
193ms Fetch
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/zap1hbYq0t9eVIO1Kd2hfJMEDkypWaqlPT4iScnC722vsSO9STmOqZ-vwcvohu6h-Ht6iEp
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 30a00b1b42b0833d71fd12651693b92a4476f70461db534723b18b08636d64b7

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Apr 2019 13:46:11 GMT
x-datacenter: gce-europe-west3
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: mona
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Wed, 24 Apr 2019 13:46:10 GMT

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 11 KB
4 KB 7ms
7ms Script
application/javascript 2600:9000:200c:7200:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:7200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e291bbb3e4fb297a94692ab518e3640c78e230baa4c94443bf0b5029113ffa2

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: rYAzc9XRCHGQZ9uakbsqoVG0VbUGjsFC
content-encoding: gzip
last-modified: Wed, 24 Apr 2019 10:22:45 GMT
server: AmazonS3
age: 2268
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400,s-maxage=86400
date: Wed, 24 Apr 2019 13:08:25 GMT
x-amz-cf-id: 6IOeYnNPothHMXtZcy2g2oDnceNyGZqKTxfMePBhtyZYLM6lLLxZAQ==
via: 1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 154 KB
45 KB 9ms
8ms Script
application/javascript 2600:9000:200c:7200:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:7200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb555becf9cb272e5d13e3f54a07a06034900816f1805c4ec4df7d719d45ae17

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: OqMDVoXMC0Pl.vtZ9bUCz1Vpdssske9w
content-encoding: gzip
last-modified: Wed, 27 Mar 2019 16:35:08 GMT
server: AmazonS3
age: 67073
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Tue, 23 Apr 2019 19:08:32 GMT
x-amz-cf-id: 1D5ZqpUUWcS65mLyiJowMoftCziRSQNFuarvvW85oAwl1NCsDATq_w==
via: 1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame BBE0 0
0 8ms
7ms Document
text/html 2600:9000:200c:7200:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:7200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: IMRID=94746de9-e711-4baf-911e-c7d376615138
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
content-type: text/html
last-modified: Wed, 27 Mar 2019 16:35:07 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: rzSfMcx919QN3wc1e0jl4CN3A2NWibC3
server: AmazonS3
content-encoding: gzip
date: Tue, 23 Apr 2019 19:08:24 GMT
cache-control: max-age=86400
vary: Accept-Encoding
age: 67073
x-cache: Hit from cloudfront
via: 1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)
x-amz-cf-id: kmH6276nTXwFMJdFDZOi8ozOF8drZEkifWctz4Sp-tuqa4Z7Yv7Slw==

POST
H2 200 hnz9Qi8OCdCWodSgXyxs0zOe7EiFUmHQdrdcM3ag-SCkO1UC0ArkMPEfAi7lH5wFZXSV2PQ Show response
chickensstation.com/v2/0/ 44 KB
11 KB 259ms
258ms Fetch
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/hnz9Qi8OCdCWodSgXyxs0zOe7EiFUmHQdrdcM3ag-SCkO1UC0ArkMPEfAi7lH5wFZXSV2PQ
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 1aa10cc4247add4f4fe1e5de8f43f622ed414a0fb1f6c88180ca66e0d7890a43

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Apr 2019 13:46:12 GMT
content-encoding: gzip
x-datacenter: gce-europe-west3
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-hostname: mona
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 css
fonts.googleapis.com/ 767 B
446 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,600

Requested by

Host: dapperfloor.com
URL: https://dapperfloor.com/v2/0/xwau_JEHsktceHtM3Wq0E5ylZf4Vn0kW3DV8hm02x8rW5CP2w58YrFqTRwyycpk3D36P86VOq0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2939d607a8ad67edbc7ade28075844c18c904d4b2b87145db848382a50af0214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 24 Apr 2019 13:46:12 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 24 Apr 2019 13:46:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2019 13:46:12 GMT

POST
H2 200 zap1hbYq0t9eVIO1Kd2hfJMEDkypWaqlPT4iScnC722vsSO9STmOqZ-vwcvohu6h-Ht6iEp Show response
chickensstation.com/v2/0/ 214 B
272 B 26ms
26ms Fetch
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/zap1hbYq0t9eVIO1Kd2hfJMEDkypWaqlPT4iScnC722vsSO9STmOqZ-vwcvohu6h-Ht6iEp
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c151d9ee92f2bee8d3359c62f62111314264af0405de53833335675cc87b12e6

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Apr 2019 13:46:12 GMT
x-datacenter: gce-europe-west3
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: mona
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 214
expires: Wed, 24 Apr 2019 13:46:11 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v15/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v15/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,600
Origin: https://www.onmsft.com

Response headers

date: Mon, 25 Mar 2019 20:19:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:00 GMT
server: sffe
age: 2568393
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:39 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 169 KB
63 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b31c5d6db3361a830539f258989d9c3e9d218a58f60540412856cab9c8de32ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 64377
x-xss-protection: 0
server: cafe
etag: 5768618164406819643
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Apr 2019 14:37:45 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
8 KB 248ms
247ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4065677304848876&correlator=1456320492340704&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062833%2C21063606%2C21063618&vrg=2019041801&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=1&sfv=1-0-33&iu_parts=4585%2Cns.onmsft%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C997x123%7C970x250%7C970x180%7C970x90%2C300x250%2C970x90%7C728x90%7C997x123%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ists=63&prev_scp=ad_group%3Dad_opt%26rfr%3Dfalse%26OOF%3Dfalse%26ppos%3Datf%26pos%3Datf%26id%3D51911cb5-6697-11e9-80e7-00259086bbca%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%2C50%7Cad_group%3Dad_opt%26rfr%3Dfalse%26OOF%3Dfalse%26ppos%3Datf%26pos%3Datf%26id%3D51911cb6-6697-11e9-80e7-00259086bbca%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%26pub%3D40%2C50%2C60%7Cad_group%3Dad_opt%26rfr%3Dfalse%26OOF%3Dfalse%26ppos%3Dbtf%26pos%3Dbtf%26id%3D51911cb7-6697-11e9-80e7-00259086bbca%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40%2C50%7Cad_group%3Dad_opt%26OOP_type%3Dfooter%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D51911cb8-6697-11e9-80e7-00259086bbca%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40%7Cad_group%3Dad_opt%26OOP_type%3Dstitials%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D51911cb9-6697-11e9-80e7-00259086bbca%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40%7Cad_group%3Dad_opt%26OOP_type%3Dinpage%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D51911cba-6697-11e9-80e7-00259086bbca%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40%7Cad_group%3Dad_ex0%26OOP_type%3Dskin%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D51911cbb-6697-11e9-80e7-00259086bbca%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40%7Cad_group%3Dad_opt%26OOP_type%3Dinline%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D51911cbc-6697-11e9-80e7-00259086bbca%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40%7Cad_group%3Dad_opt%26OOP_type%3Dmasthead%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D51911cbd-6697-11e9-80e7-00259086bbca%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40&eri=4&cust_params=url%3D%252Fnews%252Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content%26ref%3D%26gdpr%3D0%26zcp%3D00f08aaae2fb84441577f%26cpid%3D0fcd3ef5f3d55af162b62d4c0003463e%26mop%3Dy%26amznslots%3D%26zdid%3D0fcd3ef5f3d55af162b62d4c0003463e%26zc%3Db68197e4-b81a-47b5-907a-fdfc89462fbe%26zdbb%3D%26p2%3D%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie_enabled=1&bc=15&abxe=1&lmt=1556113572&dt=1556113572708&dlt=1556113569715&idt=744&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1023%2C435%2C0%2C0%2C0%2C0%2C0%2C0&adys=10%2C481%2C3525%2C1199%2C1199%2C1199%2C1199%2C1199%2C1199&adks=279938881%2C2351508231%2C1866651154%2C2010920048%2C3406363913%2C2007403025%2C2821218942%2C2007379262%2C2772684750&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&dssz=55&icsg=4436540705993472&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C320x250%7C730x90%7C1600x3850%7C1600x3850%7C1600x3850%7C1600x3850%7C1600x3850%7C1600x3850&msz=980x90%7C320x250%7C730x90%7C1x1%7C1x1%7C1x1%7C1x1%7C1x1%7C1x1&blev=1&bisch=1&ga_vid=826852857.1556113570&ga_sid=1556113573&ga_hid=910795860&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

981b5595643a08a0204fe05e983a443432c3a6c88d5f645d41fb473c8e982ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

date: Wed, 24 Apr 2019 13:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 7683
x-xss-protection: 0
google-lineitem-id: 104135612,104135972,104135732,4910077359,4910077359,4748685738,4910077359,4910077359,4910077359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138266392244,138267103912,138266785880,138256970537,138255991290,138268337176,138256924662,138256970492,138256970531
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ 71 KB
27 KB 50ms
49ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

3f20dff9ff6d39a8ffe547b853a4e0904bf11d7b02d2e687ad8f37b69a971c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27289
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:12 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 0
0 8ms
7ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame 44C9 44 KB
13 KB 98ms
44ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=53576252&chanId=194664452&placementId=104135612&pubCreative=138266392244&pubOrder=169870292&cb=1126691874&adsafe_par&impId=51911cb5-6697-11e9-80e7-00259086bbca
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: 32300badad2d054b366f98b742b1ce60214e32938501dfc3e79b26ad395ba8cf

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
Content-Encoding: gzip
X-Server-Name: app04ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame BA1C 0
66 B 27ms
26ms Fetch
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0CTjPh21jZmcyhlXXOpDxMN-SDmkFBHXhD-MBgD85HbqAl0LMqXk5HWyBS82XwpdeZ5Vd1g6lVNL0C4VRddZwzH8cg5UNaQiYWyWtt2hLdt0iwQPAH9BqJIMX0ZOFhM44V6kC1W4p_6ptdEoxlwBKtjcihB7xGnnq443oF_0vJwN01MYKXVT5qmtPJnhnPGvL-GGdB-GQfAZu1n6uUCsCZN1_ar8oN3yu2DFWtd11LR9xsU1o-_G5BDE5Oa9E&sai=AMfl-YTK5SakbBNg9cHv6ZpRbl1Il8VnMBMKZWYRv5kOTAFU0r317NgX9j8DAaM6eMcSDoD-OEz2yTy92sU-7zBcYoZ50BUCS1et8-yiNXp6N11jMimI_7Poh0Z_A_E&sig=Cg0ArKJSzJSM-iAnuNExEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame BA1C 31 KB
10 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

16789c63d93551d05463d71ba1aeac56c7591a8dff65c12f6eadc26bd4c43b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "145 / 964 of 1000 / last-modified: 1556046321"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10515
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA1C 75 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

687acb8aeb86f7c27520294c820dce24828b3d694c56af53d640f6fbe06d92c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555931705985636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28641
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a07386c88b761e04fe5b384ad68eec9f234672b386f35761644d1acc6d63c87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555931705985636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28619
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame A1F5 44 KB
13 KB 119ms
59ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=53576252&chanId=194664452&placementId=104135972&pubCreative=138267103912&pubOrder=169870292&cb=1947027525&adsafe_par&impId=51911cb6-6697-11e9-80e7-00259086bbca
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: ba627ca74e37193fcc5a4e83f6fd24ed5b5a26c8e26ccc51ea30b3c118910906

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
Content-Encoding: gzip
X-Server-Name: app30ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 23DA 0
57 B 27ms
26ms Fetch
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIuKmcqXTopM6uUiSrC6e3Pw2yV5fVb2NulPQNP8mpoNxpwoj2wV9XVg6eJv9wwgZx2eKE4uB6LuiNdKGixNUiPAHwz7vFwYmED6oTXHkBz_0tYKVEW3CTjt6m6amIIkGyTmr2UCUf1xXhRgnGDSTThT44HOCpF0ailyda9YIMj8V4_XyvEnX2ErGnX29D8vMYGPSf96_sJG35uxNM6ExbAb5Ji9l1QvO7UO5aoIlJCMPPhKuueq9ayoyPOFNQ&sai=AMfl-YRAdJz1Cd956cvC3x_YlQ0sGXAkE8JJ8fQMUGKCZ05Fg58VPiwn3J8zmUbxoTqrb7pu2zPuCNOSbL0Ke4tOkYQIt353oNDClBw6heElghs_oiqadF961jmitmc&sig=Cg0ArKJSzELlXDTGw4b4EAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 23DA 31 KB
10 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

16789c63d93551d05463d71ba1aeac56c7591a8dff65c12f6eadc26bd4c43b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "145 / 66 of 1000 / last-modified: 1556046321"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10515
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23DA 75 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

687acb8aeb86f7c27520294c820dce24828b3d694c56af53d640f6fbe06d92c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555931705985636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28641
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame FA75 44 KB
13 KB 108ms
56ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=53576252&chanId=194664452&placementId=104135732&pubCreative=138266785880&pubOrder=169870292&cb=335816495&adsafe_par&impId=51911cb7-6697-11e9-80e7-00259086bbca
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: d6a84aebc6725c5ed675f60c93bbb5ed9b078b77646adb5078001b33561915c2

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
Content-Encoding: gzip
X-Server-Name: app12ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 23CB 0
48 B 28ms
26ms Fetch
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7chyOeLwNdlQMcbjd58eZlfuThus8LgVnRCtgckuZiJ_7-L8cbMW2PkCZm48Kwfz166oIsrnvP961qMND3hzGkbioNwHvNl8XXC6kafMrqdJmEEmMpv4Wg6ge4vjwK3zkZMSX76nhyxRY1Wn3MzM6XnF00jwL46i4KGH0BIpLrZWZ1z4iZWslOk-i-3p8yt9qwBBMG5Lybtpd7WIukf9QICOd01vR94UR640mZvjPDroo_va56XVctJEMpXUY&sai=AMfl-YTEoTNl6VLzEznoQo92ceGvI7VfICVPBkzAQ5g5U08jmcXYI0nlA-Sxdtyh9xW4jO2JIOSbIlgpBYaJaH1RYI_YygpKMUrh9ojNhzZ7UihqXSAWyWhLrqE_bds&sig=Cg0ArKJSzKNY4DkXl0IwEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 23CB 31 KB
10 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

16789c63d93551d05463d71ba1aeac56c7591a8dff65c12f6eadc26bd4c43b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "145 / 309 of 1000 / last-modified: 1556046321"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10515
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23CB 75 KB
28 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

687acb8aeb86f7c27520294c820dce24828b3d694c56af53d640f6fbe06d92c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555931705985636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28641
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
DATA 200
OK truncated
/ Frame 0FAE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0fa8be006ea1cf58adb96c2017bcb6f69c08f589741628cdf6c2735fd0770b8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0F91 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c9c75c73ac3e24076825baeed4668eab6a789d6f90d80dee13cebc4919676af

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tag Show response
a.teads.tv/page/92134/ Frame 6BF0 1 KB
866 B 172ms
51ms Script
application/javascript 95.100.196.14
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/92134/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.14 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b225490811d67c17670e1600f115509dc1bc9ae589e26ebffbb07f0a6d2bd79

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
access-control-allow-origin: *
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 601
expires: Wed, 24 Apr 2019 14:46:13 GMT

GET
DATA 200
OK truncated
/ Frame 6BF0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0631c81006e2dfb3bbc9ef30b6ccee3163ad6c7348044d3b7606ef1d68d93eae

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame ED75 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fab70ad6c30e6b7e87b4a073272bb187d4772edcef06fe27db166daaec15039

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7CD4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36168adba49d66221c24e1ab52e981036913f4247884d109b632ce24b2820ef5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6FF6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce4c888581c99edd5b66209c1b5baf62547a64828d52a5af53467cabab0827a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 0FAE 826 B
934 B 12ms
7ms Image
image/gif 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Apr 2019 01:33:25 GMT
x-content-type-options: nosniff
server: cafe
age: 389568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 0
expires: Sat, 27 Apr 2019 01:33:25 GMT

GET
H2 200 view%3Fxai%3DAKAOjsvLkxx45Fj-SMgqYdaJmVDdDsqg0AmflNjd2JAjEFEod8Gy2WmV9CE2tA9yGrkr7lPRtUfDB4Dn6vPkmzTycpivT7vfazukAAlbx5qH7iJPzXJ8uiD7y9fTgOOpVAGfxbGJFjbNcVsKuCZCnuinscSNAhvq0tRI0rL0MCFJ2X_bXKxnalFP...
securepubads.g.doubleclick.net/pcs/ Frame 0FAE 0
48 B 31ms
27ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvLkxx45Fj-SMgqYdaJmVDdDsqg0AmflNjd2JAjEFEod8Gy2WmV9CE2tA9yGrkr7lPRtUfDB4Dn6vPkmzTycpivT7vfazukAAlbx5qH7iJPzXJ8uiD7y9fTgOOpVAGfxbGJFjbNcVsKuCZCnuinscSNAhvq0tRI0rL0MCFJ2X_bXKxnalFP-JxcOZYziAOZN_j7W5QTmjjXHg-dxtWX7mHfo_5SvjmmRocEKnt3-c2Z0XwymbCv3S4bqjCBP9CLvQ%26sai%3DAMfl-YT-da28IElAGBnLReFNNZpFX2bWvPDMO4eRNz1YoQNirPO8yEVqKYSVi6mDOxO-OM84r4ohmLvNvNVMIQI_fZ6Mlp3puFt4QfezWo0pvCeetZCvfxN8R_leI2s%26sig%3DCg0ArKJSzGDCZlBOASveEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 0F91 826 B
884 B 11ms
8ms Image
image/gif 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Apr 2019 01:33:25 GMT
x-content-type-options: nosniff
server: cafe
age: 389568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 0
expires: Sat, 27 Apr 2019 01:33:25 GMT

GET
H2 200 view%3Fxai%3DAKAOjstYCje8VL6fZJaZcSS7My_QXIiuU_9T8UGtWJtuoVg4mzckSlMiqPJYj20f_Lk25fBzLO1uU0G6RtrQOnXigrAYE2VBRei_DG9Ek5jB9IPvZrcBnc2i6JPnExXcWg0K803Ywi6WbjCzbVCFOo4Sv0RtANT1l3X-oyH66BBgFe6pPQDNGr6z...
securepubads.g.doubleclick.net/pcs/ Frame 0F91 0
48 B 31ms
28ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstYCje8VL6fZJaZcSS7My_QXIiuU_9T8UGtWJtuoVg4mzckSlMiqPJYj20f_Lk25fBzLO1uU0G6RtrQOnXigrAYE2VBRei_DG9Ek5jB9IPvZrcBnc2i6JPnExXcWg0K803Ywi6WbjCzbVCFOo4Sv0RtANT1l3X-oyH66BBgFe6pPQDNGr6znrM0jHv3oce5fL7blTSDq8sKdVghYaf27Dji6kByfQB8cf3wtuLL3Q73fAoFjnu0EksH0lXcAxYsBQ%26sai%3DAMfl-YTVANVnG2E17TTlnbNDTOMYcbxkpAgBUwxTvc-tpOu9b3UD6mo35ckpGheeWYddL-vvIocZj8_msbH80OplIBCUKrfI1kQeOXgRy4yUqpKw9StIalelWT2AqRU%26sig%3DCg0ArKJSzEBarGOWE8oNEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame ED75 826 B
884 B 10ms
7ms Image
image/gif 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Apr 2019 01:33:25 GMT
x-content-type-options: nosniff
server: cafe
age: 389568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 0
expires: Sat, 27 Apr 2019 01:33:25 GMT

GET
H2 200 view%3Fxai%3DAKAOjsuy7LE7mKOps9ML2qDPGqAL19h4j8J_EAJ7jbponttnGOYliLrfz59OuB5O7p25AdcMCtJwOf2tPksejqVE4qeoBt3v3dUdPN1upFTEyhH52TuczCBAQSuaNL3_F5Yyvx8tWaNVcknUbaSdW5srez0mbFLk4hjAcYdvPt69YZep-02LPs07...
securepubads.g.doubleclick.net/pcs/ Frame ED75 0
57 B 31ms
28ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuy7LE7mKOps9ML2qDPGqAL19h4j8J_EAJ7jbponttnGOYliLrfz59OuB5O7p25AdcMCtJwOf2tPksejqVE4qeoBt3v3dUdPN1upFTEyhH52TuczCBAQSuaNL3_F5Yyvx8tWaNVcknUbaSdW5srez0mbFLk4hjAcYdvPt69YZep-02LPs07ucDZ-auCPPySAHGJd8yj5F8pxPGyccBu3Z7ebF7Qbd3oRHCYyvkZbv8H8QfWnA6WNwQ2CE8YQDn9nA%26sai%3DAMfl-YTsv5k5WXLg2VC2V3IIic_VWlsWUwO1TjDem6uwct8WIY34yjQLL_IbMPSTCHBzgCdD7i-tdgy4Bf_B8JwOrNZ5czn0F9U59hNpdLawEhYsnB668C40VwuyAI0%26sig%3DCg0ArKJSzAYtmUT6LyNDEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 7CD4 826 B
884 B 10ms
7ms Image
image/gif 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Apr 2019 01:33:25 GMT
x-content-type-options: nosniff
server: cafe
age: 389568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 0
expires: Sat, 27 Apr 2019 01:33:25 GMT

GET
H2 200 view%3Fxai%3DAKAOjsskPkdTTDlD3jJuXdTDFG1JnFdiMy2XaTvOaJPhW3JUcU1MbX4LYNgYe1ja_LEgBMrKhe4_mpzFI1bz-qFM67YKaJIy8helQbFe0b2pJAaz_CAYiMm-hXabuo0tx36MDzm0P05Dfdnl2g5seOFa2ZUx_1ElqITM5x7Fuh9SYiPNTOJ1IGlq...
securepubads.g.doubleclick.net/pcs/ Frame 7CD4 0
48 B 30ms
28ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsskPkdTTDlD3jJuXdTDFG1JnFdiMy2XaTvOaJPhW3JUcU1MbX4LYNgYe1ja_LEgBMrKhe4_mpzFI1bz-qFM67YKaJIy8helQbFe0b2pJAaz_CAYiMm-hXabuo0tx36MDzm0P05Dfdnl2g5seOFa2ZUx_1ElqITM5x7Fuh9SYiPNTOJ1IGlqoeQJgFPeBy58cQ16JBANrYS_k5RGhKFQX554mxXwIHtmpchHfB_2Fa6HXcv1g3IeE6FwAcKqLhdaBw%26sai%3DAMfl-YSl0tH8iHBZ3TtvbRxJeAOL3cIfGx8mm9KJuz_WwPB2E9dHItMHs2dAr0-BFjrklcdWO2RuX_e0INLyKpzuPu4AbkkJLAyFtlAHnpJ1P4cBxxYsQHFTeUDHoKM%26sig%3DCg0ArKJSzJkZ68YP8aBjEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 6FF6 826 B
884 B 10ms
7ms Image
image/gif 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Apr 2019 01:33:25 GMT
x-content-type-options: nosniff
server: cafe
age: 389568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 0
expires: Sat, 27 Apr 2019 01:33:25 GMT

GET
H2 200 view%3Fxai%3DAKAOjss7wurV0KQlJwoLJV79cYdqyYVFdV_kaFFd2XIbl6hpTREMBt1jX6fm56q-bfAcIlh2S_E6DsdXrYVp9IANw6Ekho4w9KnE4YWLXHt5ZrG-WPhtYJolvSx5n2Mz4rWyFBDP6R521mLho0FNIt71wQr9WPcPsPdodyJxlF7k5ulj4dhyrUIU...
securepubads.g.doubleclick.net/pcs/ Frame 6FF6 0
48 B 38ms
36ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjss7wurV0KQlJwoLJV79cYdqyYVFdV_kaFFd2XIbl6hpTREMBt1jX6fm56q-bfAcIlh2S_E6DsdXrYVp9IANw6Ekho4w9KnE4YWLXHt5ZrG-WPhtYJolvSx5n2Mz4rWyFBDP6R521mLho0FNIt71wQr9WPcPsPdodyJxlF7k5ulj4dhyrUIURBdunjWV3BejRvU7AZGEEO-treIrFJgNv20LV8tuR5z9fnP3K468rG0CwRicqiahPe85BOTtnCqI9Q%26sai%3DAMfl-YSIop9JIECIsF77FPQH4HBrjpT8xAL4uqfQFMNnD9YInuW5OmyA-BVtZ-7GQi0sdVTOnkzYR5VLh3F5qtDE0Mjm_8LUWbqUqhysSTCmvrQOxEfH9wYNzxKRdg0%26sig%3DCg0ArKJSzKonNaCTZm8pEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 pubads_impl_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BA1C 149 KB
54 KB 51ms
49ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

f73a8628a54324892b4544c30158e8c510a3245056973a3bcd31fe39455af87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55471
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame BA1C 113 B
175 B 20ms
19ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 23DA 149 KB
54 KB 52ms
51ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

f73a8628a54324892b4544c30158e8c510a3245056973a3bcd31fe39455af87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55471
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 23DA 113 B
175 B 19ms
18ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 23CB 149 KB
54 KB 50ms
49ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

f73a8628a54324892b4544c30158e8c510a3245056973a3bcd31fe39455af87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55471
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 23CB 113 B
175 B 18ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK main.17.4.179.js Show response
static.adsafeprotected.com/ Frame 44C9 154 KB
49 KB 127ms
51ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.17.4.179.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=53576252&chanId=194664452&placementId=104135612&pubCreative=138266392244&pubOrder=169870292&cb=1126691874&adsafe_par&impId=51911cb5-6697-11e9-80e7-00259086bbca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: dcd1780e0cbc098919b2c0affc3af8b9cf9eb70faa1c5678feb25f0f1d0bbcd5

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Mar 2019 19:31:39 GMT
X-Server-Name: app37ami.ami.303net.pvt
ETag: "5c9a7e1b-c1fe"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 49662
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.17.4.179.js Show response
static.adsafeprotected.com/ Frame FA75 154 KB
49 KB 130ms
45ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.17.4.179.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=53576252&chanId=194664452&placementId=104135732&pubCreative=138266785880&pubOrder=169870292&cb=335816495&adsafe_par&impId=51911cb7-6697-11e9-80e7-00259086bbca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: dcd1780e0cbc098919b2c0affc3af8b9cf9eb70faa1c5678feb25f0f1d0bbcd5

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Mar 2019 19:31:39 GMT
X-Server-Name: app12ami.ami.303net.pvt
ETag: "5c9a7e1b-c1fe"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 49662
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.17.4.179.js Show response
static.adsafeprotected.com/ Frame A1F5 154 KB
49 KB 124ms
47ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.17.4.179.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=53576252&chanId=194664452&placementId=104135972&pubCreative=138267103912&pubOrder=169870292&cb=1947027525&adsafe_par&impId=51911cb6-6697-11e9-80e7-00259086bbca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: dcd1780e0cbc098919b2c0affc3af8b9cf9eb70faa1c5678feb25f0f1d0bbcd5

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Mar 2019 19:31:39 GMT
X-Server-Name: app36ami.ami.303net.pvt
ETag: "5c9a7e1b-c1fe"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 49662
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BA1C 3 KB
2 KB 306ms
304ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=969714007876062&correlator=160142489511196&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21062845%2C21063606&vrg=2019041801&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F8095840%2F.2_7619.3_onmsft.com_tier1&sz=728x90&eri=2&cookie=ID%3D7ebf1477ad6b7a64%3AT%3D1556113572%3AS%3DALNI_MZdSVZQBkNtGXy-Uim_b52VfIV3Wg&cdm=www.onmsft.com&bc=15&lmt=1556113573&dt=1556113573181&dlt=1556113573008&idt=164&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=90&oid=3&adx=310&ady=10&adk=1060057622&uci=ly00dz1fc6zv&ifi=1&ifk=553091629&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&top=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90&msz=980x90&blev=1&bisch=1&ga_vid=826852857.1556113570&ga_sid=1556113573&ga_hid=1465978333&fws=256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a05c79b83ccab976092d6a98219e3d3859faff27eb9c648ba72e9f01bbce9cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1956
x-xss-protection: 0
google-lineitem-id: 28456320
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252005687
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BA1C 71 KB
27 KB 50ms
49ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

3f20dff9ff6d39a8ffe547b853a4e0904bf11d7b02d2e687ad8f37b69a971c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27289
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ Frame BA1C 0
0 9ms
6ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BA1C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 395419e9adc479ba3b53c1d5e5c206db350e2682a0da07e1ee82fb7792ec4e04

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 23DA 12 KB
6 KB 361ms
361ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=616390653493721&correlator=2281039788553028&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21062818%2C21063451%2C21063606%2C953563516&vrg=2019041801&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F8095840%2F.2_7550.4_onmsft.com_tier1&sz=300x250&eri=2&cookie=ID%3D7ebf1477ad6b7a64%3AT%3D1556113572%3AS%3DALNI_MZdSVZQBkNtGXy-Uim_b52VfIV3Wg&cdm=www.onmsft.com&bc=15&lmt=1556113573&dt=1556113573229&dlt=1556113573018&idt=199&ea=0&frm=23&biw=1600&bih=1200&isw=320&ish=250&oid=3&adx=1013&ady=481&adk=358651622&uci=q1arovlt6i8w&ifi=1&ifk=486006243&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&top=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x250&msz=320x250&blev=1&bisch=1&ga_vid=826852857.1556113570&ga_sid=1556113573&ga_hid=1639497912&fws=256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

90e4b2e2d53a75212e146dbfdf4a3e61177a951c59a5598fd4568775f3ff3a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 6565
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 23DA 71 KB
27 KB 50ms
48ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

3f20dff9ff6d39a8ffe547b853a4e0904bf11d7b02d2e687ad8f37b69a971c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27289
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ Frame 23DA 0
0 8ms
7ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 23CB 3 KB
2 KB 310ms
309ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3423255505589112&correlator=1940443981466974&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21062453%2C21062818%2C21063618%2C53887177&vrg=2019041801&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=1&sfv=1-0-33&iu=%2F8095840%2F.2_7619.3_onmsft.com_tier1&sz=728x90&eri=2&cookie=ID%3D7ebf1477ad6b7a64%3AT%3D1556113572%3AS%3DALNI_MZdSVZQBkNtGXy-Uim_b52VfIV3Wg&cdm=www.onmsft.com&bc=15&lmt=1556113573&dt=1556113573245&dlt=1556113573026&idt=213&ea=0&frm=23&biw=1600&bih=1200&isw=730&ish=90&oid=3&adk=1060057622&uci=7qob35qkvw4m&ifi=1&ifk=2311030223&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&top=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=826852857.1556113570&ga_sid=1556113573&ga_hid=233629993&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

6f4052336dfa5f709231973850a4e3ca59690d4aeeda678d84aae463b68132ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1528
x-xss-protection: 0
google-lineitem-id: 28456320
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252005687
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 23CB 71 KB
27 KB 49ms
49ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

3f20dff9ff6d39a8ffe547b853a4e0904bf11d7b02d2e687ad8f37b69a971c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27289
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame 23CB 0
0 6ms
5ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 690 KB
182 KB 48ms
47ms Script
text/javascript 95.100.196.14
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/92134/tag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.14 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a385a3c6ab8b52c84cadec76467954e0fccb0a5435c85de3726ef6198ec746eb

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
last-modified: Wed, 24 Apr 2019 09:32:16 GMT
x-amz-request-id: EC6C08D9183B1D23
etag: "8c146542a6862705f29f1977c6d8498a"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=600
x-bucket: 4
accept-ranges: bytes
content-length: 185124
x-amz-id-2: oUw7ytIrCrAs+MFD+utoE6X68Fvodbn0RNVOjaO9Gv9ovtlsMey4FCz63i2xH2wf22BjM/7sMX0=
expires: Wed, 24 Apr 2019 13:56:13 GMT

GET
DATA 200
OK truncated
/ Frame 23DA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36b1379bd273a0435239291450df12dff051d93a4fa09ab55631d1f47b8a14b9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame 90CF 81 KB
20 KB 25ms
24ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app36ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 35ms
33ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=7529&campId=728x90&pubId=53576252&chanId=194664452&placementId=104135612&pubCreative=138266392244&pubOrder=169870292&cb=1126691874&adsafe_par&impId=51911cb5-6697-11e9-80e7-00259086bbca&adsafe_url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&adsafe_type=abdfq&adsafe_jsinfo=,id:a3e1e32c-3d41-1b10-f34d-a7128f6c4448,c:aI5oBS,sl:inView,em:true,fr:true,mn:app04ami,pt:1-5-15,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d1|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:221,oid:530964b6-6697-11e9-8f5d-00259086cc0e,v:17.4.179,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Server-Name: app30ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 113ms
21ms Image
image/gif 104.244.39.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5oCd,pingTime:0,time:240,type:pf,clog:[{piv:100,vs:i,r:,w:980,h:90,t:219}],es:0,sc:1,ha:1,gm:1,slTimes:{i:240,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:219,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[43~100],as:[43~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d1|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:0,renddet:DIV,rmeas:0}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: amidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Server-Name: dt02ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame BCAE 81 KB
20 KB 25ms
24ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app36ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 56ms
55ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=7529&campId=300x250&pubId=53576252&chanId=194664452&placementId=104135972&pubCreative=138267103912&pubOrder=169870292&cb=1947027525&adsafe_par&impId=51911cb6-6697-11e9-80e7-00259086bbca&adsafe_url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&adsafe_type=abdfq&adsafe_jsinfo=,id:3aecb5e2-2e76-48b9-f76a-68e17a3b9148,c:aI5oCr,sl:inView,em:true,fr:true,mn:app30ami,pt:1-5-15,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rozbY6E+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:227,oid:530cc043-6697-11e9-9918-382c4ac6318d,v:17.4.179,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Server-Name: app12ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 95ms
21ms Image
image/gif 104.244.39.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5oCG,pingTime:-2,time:270,type:a,im:{sf:0,pom:1,prf:{beA:118,beZ:119,mfA:310,cmA:311,inA:311,inZ:320,prA:320,prZ:329,si:339,poA:339,poZ:346,cmZ:346,mfZ:346,loA:359,loZ:362,ltA:387,ltZ:387,mdA:120,mdZ:271}},sca:{dfp:{df:4,sz:980.90,dom:body}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:980,h:90,t:219}],es:0,sc:1,ha:1,gm:1,slTimes:{i:270,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:219,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[73~100],as:[73~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d.7529|1d1|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/4585/ns.onmsft/general_0,google_ads_iframe_/4585/ns.onmsft/general_0__container__,nsgpt-billboard-1,zd-leaderboard],sinceFw:48,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: amidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Server-Name: dt27ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 104ms
21ms Image
image/gif 104.244.39.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=3aecb5e2-2e76-48b9-f76a-68e17a3b9148&tv={c:aI5oCI,pingTime:0,time:244,type:pf,clog:[{piv:100,vs:i,r:,w:320,h:250,t:227}],es:0,sc:1,ha:1,gm:1,slTimes:{i:244,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:227,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[25~100],as:[25~320.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rozbY6E+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:0,renddet:DIV,rmeas:0}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: amidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Server-Name: dt02ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame BC22 81 KB
20 KB 33ms
32ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 24 Apr 2019 13:46:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app36ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 25ms
25ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=7529&campId=728x90&pubId=53576252&chanId=194664452&placementId=104135732&pubCreative=138266785880&pubOrder=169870292&cb=335816495&adsafe_par&impId=51911cb7-6697-11e9-80e7-00259086bbca&adsafe_url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&adsafe_type=abdfq&adsafe_jsinfo=,id:cb70eba0-5856-6b99-8d69-45517e0cc430,c:aI5oD2,sl:outOfView,em:true,fr:true,mn:app12ami,pt:1-5-15,wc:0.0.1600.1200,ac:435.3525.730.90,am:i,cc:435.3525.730.90,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d1|1d2|1e*.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,pl:,rend:0,renddet:WINDOW,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:268,oid:530bd5c9-6697-11e9-9cab-002590882ece,v:17.4.179,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Server-Name: app30ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 70ms
21ms Image
image/gif 104.244.39.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=3aecb5e2-2e76-48b9-f76a-68e17a3b9148&tv={c:aI5oDb,pingTime:-2,time:273,type:a,im:{sf:0,pom:1,prf:{beA:135,beZ:137,mfA:353,cmA:353,inA:353,inZ:355,prA:355,prZ:359,si:362,poA:362,poZ:369,cmZ:369,mfZ:369,loA:380,loZ:381,ltA:408,ltZ:408,mdA:137,mdZ:291}},sca:{dfp:{df:4,sz:320.250,dom:body}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:320,h:250,t:227}],es:0,sc:1,ha:1,gm:1,slTimes:{i:273,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:227,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[54~100],as:[54~320.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rozbY6E+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/4585/ns.onmsft/general_1,google_ads_iframe_/4585/ns.onmsft/general_1__container__,nsgpt-rectangle-1,custom_html-3,single-sidebar],sinceFw:46,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: amidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Server-Name: dt27ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 76ms
24ms Image
image/gif 104.244.39.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=cb70eba0-5856-6b99-8d69-45517e0cc430&tv={c:aI5oDu,pingTime:-2,time:296,type:a,im:{sf:0,pom:1,prf:{beA:123,beZ:125,mfA:376,cmA:377,inA:377,inZ:385,prA:385,prZ:389,si:392,poA:392,poZ:399,cmZ:399,mfZ:399,loA:407,loZ:408,ltA:419,ltZ:419,mdA:125,mdZ:279}},sca:{dfp:{df:4,sz:730.90,dom:body}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:730,h:90,t:268}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:296,n:0,pp:0,pm:0},slEvents:[{sl:o,t:268,wc:0.0.1600.1200,ac:435.3525.730.90,am:i,cc:435.3525.730.90,piv:0,obst:0,th:0,reas:l,bkn:{piv:[37~0],as:[37~730.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d1|1d2|1e*.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:WINDOW,rmeas:0,slid:[google_ads_iframe_/4585/ns.onmsft/general_2,google_ads_iframe_/4585/ns.onmsft/general_2__container__,nsgpt-footer-1],sinceFw:27,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: amidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Server-Name: dt02ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 wigo-no-slot
sync.teads.tv/ Frame 7B08 0
0 114ms
63ms Document
text/html 95.100.208.18
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.208.18 , Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-208-18.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /wigo-no-slot
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: tt_viewer=4625066e-9fe4-4a24-9380-32effe35e18b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.5
content-length: 325
expires: Wed, 24 Apr 2019 13:46:13 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 24 Apr 2019 13:46:13 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ 43 B
309 B 41ms
31ms Image
image/gif 2.16.118.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1556113573565&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=80581436&cs_ucfr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.118.106 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-118-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
157 B 127ms
55ms Image
image/gif 95.100.208.18
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&pageId=92134&pid=99837&gid=[insertionId]&slot=native&env=js-web&pfid=[pfid]&f=1&ts=1556113573563&fv=2.21.74-ab-test-aa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.208.18 , Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-208-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 24 Apr 2019 13:46:13 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 track
t.teads.tv/ 23 B
157 B 133ms
60ms Image
image/gif 95.100.208.18
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&pageId=92134&pid=99837&gid=[insertionId]&slot=native&env=js-web&pfid=[pfid]&f=1&ts=1556113573563&fv=2.21.74-ab-test-aa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.208.18 , Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-208-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 24 Apr 2019 13:46:13 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ 43 B
309 B 71ms
28ms Image
image/gif 2.16.118.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1556113573578&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=45857246&cs_ucfr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.118.106 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-118-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
157 B 134ms
62ms Image
image/gif 95.100.208.18
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&pageId=92134&pid=109962&gid=[insertionId]&slot=native&env=js-web&pfid=[pfid]&f=1&ts=1556113573577&fv=2.21.74-ab-test-aa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.208.18 , Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-208-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 24 Apr 2019 13:46:13 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 track
t.teads.tv/ 23 B
157 B 135ms
64ms Image
image/gif 95.100.208.18
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-minimum&pageId=92134&pid=109962&gid=[insertionId]&slot=native&env=js-web&pfid=[pfid]&f=1&ts=1556113573577&fv=2.21.74-ab-test-aa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.208.18 , Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-208-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 24 Apr 2019 13:46:13 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 9556 0
48 B 28ms
26ms Fetch
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1USsQHco_VUteftaLT2eCBA7js8chWQjIdCTvTDXYh_uT_OO_rlPGfD_n_fXzMQOXKacXGonlBuZnFevjUVjE8pHaFZgHVVpM07aiXwwr6USoKXl3EzSRET6qr_rw4jzKCH9UfHxgRtgUfK2ruWCALmhKo3VrPidIsw4coDj4h-Z3lfcuQ1uVdwsnw8trVuQ6ev8yG9JmWayOvXZca6vtRWLr8Ko0Y5Vl79lOZRu__kOVpb2xLbBALOYnSsMVf-CTpm_igUh5dh5kkd5r&sai=AMfl-YTWGEA5e4T-ajeRTLMVt6skBzlwUNKMc547YMwgdnKsGx80VlTKsjeTMFOTuQLbZWKNGphrDKLtvEp4lGWMwqfUP8IowqzsuBmBSmM1FZnMTIiF3rXI5M8EGpc&sig=Cg0ArKJSzMakP-kmulZwEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9556 31 KB
0 40ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

16789c63d93551d05463d71ba1aeac56c7591a8dff65c12f6eadc26bd4c43b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "145 / 309 of 1000 / last-modified: 1556046321"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10515
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 pubads_impl_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9556 149 KB
0 50ms
49ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

f73a8628a54324892b4544c30158e8c510a3245056973a3bcd31fe39455af87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55471
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 9556 113 B
175 B 29ms
25ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9556 3 KB
2 KB 171ms
163ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=687316459974391&correlator=3375011033522228&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21062819%2C21062886&vrg=2019041801&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F8095840%2F.2_A.6889.3_onmsft.com_tier2&sz=728x90&eri=2&cookie=ID%3D7ebf1477ad6b7a64%3AT%3D1556113572%3AS%3DALNI_MZdSVZQBkNtGXy-Uim_b52VfIV3Wg&cdm=www.onmsft.com&bc=15&lmt=1556113573&dt=1556113573653&dlt=1556113573617&idt=12&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adk=2338238382&uci=9iqyp7nqwh30&ifi=1&ifk=3571728399&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&top=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&dssz=5&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=826852857.1556113570&ga_sid=1556113574&ga_hid=1464551107&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e0a1124e3584a0a22e99264c61a15b8e192433e8eb8a9a7efc53d76f3c061aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1765
x-xss-protection: 0
google-lineitem-id: 4873797111
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252006365
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9556 71 KB
27 KB 53ms
51ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

3f20dff9ff6d39a8ffe547b853a4e0904bf11d7b02d2e687ad8f37b69a971c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2019 13:06:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27289
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ Frame 9556 0
0 10ms
9ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9556 75 KB
28 KB 47ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

687acb8aeb86f7c27520294c820dce24828b3d694c56af53d640f6fbe06d92c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555931705985636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28641
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA1C 76 KB
28 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a07386c88b761e04fe5b384ad68eec9f234672b386f35761644d1acc6d63c87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555931705985636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28619
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ Frame 3D6D 0
0 17ms
0ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-32/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3971
date: Fri, 08 Mar 2019 21:04:04 GMT
expires: Sat, 07 Mar 2020 21:04:04 GMT
last-modified: Wed, 06 Feb 2019 20:59:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 4034529
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23DA 76 KB
28 KB 51ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a07386c88b761e04fe5b384ad68eec9f234672b386f35761644d1acc6d63c87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555931705985636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28619
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 142ms
141ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5oKl,pingTime:-10,time:744,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.95v220002022020220000022002222000022220202020222222222220002222022002222200002220222022222222222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002002202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220222222220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC45NXYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNC45NXZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8OHx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1556113573872||0a1d03ec5c663a667c8a499c3a3e3a70||bf486f3aba4c432632bded0f99a7bd42||4d6d70fc387f293c6ae3946d607a441d||202bc9a22842486ab83efd8dfa960023||6f16a4801f815baa4a5aa10192d03d60||8bd1d5c5dd7e28783dc32879a8404a9b||80580d25239d2155c640ae0b92a38ed8||1529428597,env:{ar:self.0}}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:13 GMT
X-Server-Name: dt01dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 23CB 0
57 B 29ms
27ms Fetch
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj8UB2taluoeaj9UlaZBVrfmr77nDXdEqtcCCWVCX8I9dGniKPjPnvJtU1Cc3v6oxht46wZP-boa_2xWOtYhJwIojQqauJnOeV7t2ukV1UcclwZ6PJCJyEc_bwi3jmXkUtUKPMC1oPUQh-3_K4TDoQDmb4KNyTevlENj0AMDjqJROm-FxNleblJCQIHsi5GA2di6IlldbNxY8XFUhGPwqNmHzhwyq372rF3ME7F-4LpSQN_vXLLASzKww-g2dRIkOAe8RPBR0nZ2IOqiWG&sai=AMfl-YTTnsWjR2csJMKmZzr0wlpoLPeVpzIs_8dwxhp_uM8EUqxhzh7NdgaLAGEgnwjew1qMsoj_JDcXiGGkFBKwzameFiVqeaFAMVWU1I7AosBuYlgJT3pY4aUsc50&sig=Cg0ArKJSzAyVhGK3MAmKEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Apr 2019 13:46:13 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23CB 76 KB
28 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a07386c88b761e04fe5b384ad68eec9f234672b386f35761644d1acc6d63c87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555931705985636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28619
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:13 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 23CB 3 KB
2 KB 165ms
165ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3423255505589112&correlator=1940443981466974&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21062453%2C21062818%2C21063618%2C53887177&vrg=2019041801&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=1&sfv=1-0-33&iu=%2F8095840%2F.2_A.6889.3_onmsft.com_tier2&sz=728x90&eri=2&cookie=ID%3D7ebf1477ad6b7a64%3AT%3D1556113572%3AS%3DALNI_MZdSVZQBkNtGXy-Uim_b52VfIV3Wg&cdm=www.onmsft.com&bc=15&lmt=1556113573&dt=1556113573932&dlt=1556113573026&idt=213&ea=0&frm=23&biw=1600&bih=1200&isw=730&ish=90&oid=3&adk=2338238383&uci=qs820pwudelg&ifi=2&ifk=2311030223&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&top=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&dssz=12&icsg=2730&std=0&csl=100&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&psts=CikIgOvIDegBt-LYg4MEgAKgjLEDgAKYjbEDgAKQu6kT0QLFojCwL2Y7FA&ga_vid=826852857.1556113570&ga_sid=1556113573&ga_hid=233629993&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

16eafa59f5ea2e9c970ee5c536f3ae79e72b67daba2c683525cbb22e7fa06aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1769
x-xss-protection: 0
google-lineitem-id: 4873797111
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252006365
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.html
cmp.teads.mgr.consensu.org/ Frame B818 0
0 64ms
6ms Document
text/html 2a02:26f0:eb:38e::2c92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.teads.mgr.consensu.org/index.html
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:38e::2c92 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Host: cmp.teads.mgr.consensu.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

x-amz-id-2: vdORZ14R0dTctWmMU/EOcM7BBf+Z9MLOr1KCWgKLdBpMUg3zyARR6csEJfYfeviniVcFvkAXIQc=
x-amz-request-id: C69A7B05AAC09A27
Last-Modified: Fri, 14 Sep 2018 07:42:32 GMT
ETag: "e7d6c2974a38b7ff77a560e83789f66a"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 583
Server: AmazonS3
Cache-Control: max-age=300
Expires: Wed, 24 Apr 2019 13:51:14 GMT
Date: Wed, 24 Apr 2019 13:46:14 GMT
Connection: keep-alive

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 153ms
150ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=cb70eba0-5856-6b99-8d69-45517e0cc430&tv={c:aI5oLY,time:822,type:e,env:{ar:a3e1e32c-3d41-1b10-f34d-a7128f6c4448.2},es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:822,n:0,pp:0,pm:0},slEvents:[{sl:o,t:268,wc:0.0.1600.1200,ac:435.3525.730.90,am:i,cc:435.3525.730.90,piv:0,obst:0,th:0,reas:l,bkn:{piv:[562~0],as:[562~730.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:426,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d1|1d2|1e*.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:WINDOW,rmeas:0}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt38dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 9556 0
57 B 51ms
23ms Fetch
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzpVosciVrSN_Iq0rudGaJ27pnKSfafbvaIYuNC5e1BmVok1MhUSTTbDuxXuX6J1PoEHXU0zvAd2UPz3zEYrlgtr_LQZb_54yEXL1WXI4WXXdRsrayG8teQrjTPUxxvJU0zAy-Rk62TpdYwxgGWwU-0Lw3IAR6cIToqvCPjjzSBd__13Rrxpgkh1AMslcLGbppCSgoTAD2Fp4UjCq1nLZa0-soexWLeCfmIr9cWWwswL98IV4OpNWLYjp2NKSGGaZ2j0aN2RnKvC1J4EzD&sai=AMfl-YTyb8IGePO8gLNOFH6rNDHJr08pkMs4SBioGj4wog5y-bKd8PH8mrnBkx3yj9x3Er9_i0CFgZ19DFHQ0PSCsOshrGrpy7285eJg-M_XhsfqodICGIw3NyLNJM0&sig=Cg0ArKJSzBJjA9U8L5VAEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Apr 2019 13:46:14 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 jstag Show response
us-ads.openx.net/w/1.0/ Frame 9556 48 KB
18 KB 76ms
32ms Script
text/javascript 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/jstag
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: 009903ce6677daaf68c585e8bfe78a26e8ef474cb40e403c4a797ac36811f9ac

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
server: OXGW/16.132.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
content-length: 17954
expires: Wed, 24 Apr 2019 14:46:14 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9556 76 KB
28 KB 50ms
35ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041801.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a07386c88b761e04fe5b384ad68eec9f234672b386f35761644d1acc6d63c87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555931705985636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28619
x-xss-protection: 0
expires: Wed, 24 Apr 2019 13:46:14 GMT

GET
H2 200 ad Show response
a.teads.tv/page/92134/ 86 B
304 B 256ms
254ms XHR
application/json 95.100.196.14
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/92134/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&page=%7B%22id%22%3A92134%2C%22placements%22%3A%5B%7B%22id%22%3A99837%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A706%2C%22height%22%3A397%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A23%2C%22consent%22%3A%22%22%2C%22reason%22%3A230%7D%7D&userId=c2a4bd05-8b63-43bd-a7c8-69cc85603a33&formatVersion=2.21.74&env=js-web&netBw=10&ttfb=274
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.14 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2140372ece2cfab238453f838c69a30459f8f61958e106ae01b88e770f6e51f8

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.onmsft.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 99
expires: Wed, 24 Apr 2019 13:46:14 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 140ms
140ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=3aecb5e2-2e76-48b9-f76a-68e17a3b9148&tv={c:aI5oNR,time:935,type:e,env:{ar:a3e1e32c-3d41-1b10-f34d-a7128f6c4448.1},es:0,sc:1,ha:1,gm:1,slTimes:{i:935,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:227,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[717~100],as:[717~320.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:445,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt01dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 9556 2 KB
1 KB 132ms
130ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?o=370122623&callback=OX_370122623&ju=https%3A//www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&jr=&auid=538683521&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=728x90&ifr=1&tws=1600x1200&mt=1
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: 6427f62cfeed2a0ab33a3790ac2592992806cd1109221ef7bc991943a38c5856

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
server: OXGW/16.132.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 23CB 0
48 B 25ms
25ms Fetch
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLr7HTmkKKpOihM_hs_uRDvaqesy2-eCHgrqBNY18LidhNNV9zJuKrAs3PMzMwic_MRx8YxRqRsKTyFZf6e-Wd0xqViXr9tTtPHR1yUGiwjWMCOPm3CsP1nUO_JmroeH8gbvMCSmw1JVTK3By9WywbEqdys1yM61v_3bapKlokWNnWZ55AMWsQeSSzB7l6DQlHonOGgQSRyKQ3rNbaByuM5aXnQgNDfxTrq4nzVVvdKbhA7NcOQpoWo9iHrWZ2VXwQMgQxUx9qHLxF1N8L&sai=AMfl-YSSH0eCI4rFrX4DFstDsJbjFX1NS1Td4CAfgbQkxwIH2jNqJTSqHZ6myzXvxJ7TnmD3xWf-umKctvC_lWjCvHNgytIBq0XPI4JNoelobWexWk8rl5Uu6Zn4fAs&sig=Cg0ArKJSzFKAHu7cCguIEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Apr 2019 13:46:14 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 jstag Show response
us-ads.openx.net/w/1.0/ Frame 23CB 48 KB
0 76ms
32ms Script
text/javascript 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/jstag
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: 009903ce6677daaf68c585e8bfe78a26e8ef474cb40e403c4a797ac36811f9ac

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
server: OXGW/16.132.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
content-length: 17954
expires: Wed, 24 Apr 2019 14:46:14 GMT

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 23CB 2 KB
1 KB 124ms
124ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?o=8713780073&callback=OX_8713780073&ju=https%3A//www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&jr=&auid=538683521&dims=1600x1200&adxy=435%2C3525&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=730x90&ifr=1&tws=1600x1200&mt=1
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: d10255e845f635e8b5567e4c8f8661e2562abf656f2dceb62bf7bf55b1193c3e

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
server: OXGW/16.132.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 9556 2 KB
1 KB 121ms
119ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?o=5415176956&callback=OX_5415176956&ju=https%3A//www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&jr=&auid=538683515&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=728x90&ifr=1&tws=1600x1200&mt=1&nl=33&ul=38
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: d5aafb5bae0b9b44510ea2c1d1d726e5bc982a8f22f72a0843477c80df490e16

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
server: OXGW/16.132.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 23CB 2 KB
1 KB 129ms
127ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?o=5854579460&callback=OX_5854579460&ju=https%3A//www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&jr=&auid=538683515&dims=1600x1200&adxy=435%2C3525&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=730x90&ifr=1&tws=1600x1200&mt=1&nl=33%2C35&ul=38%2C38
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: 2e367e5afc4bad16e13a47cca921dfe7b6c27e51506c45a0ef716cad44fdb3a9

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
server: OXGW/16.132.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BA1C 42 B
112 B 16ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbKqgx_2irJVYjIsD-VIU6RDZ675r-ZQpgojBES7BuidN229KuZYH_GsZYqGeLrtnbOwoF8_Evy6MmXxEBSgDJLu7Ws_I2_VdRKH48wO8&sig=Cg0ArKJSzFQ3rGfimheWEAE&adk=279938881&tt=1181&bs=1600%2C1200&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&p=10,310,100,1290&mcvt=1040&rs=3&ht=0&tfs=158&tls=1198&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1556113573015&rpt=236&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1600%2C3860&ss=1600%2C1200&pt=18&deb=1-9-9-19-9-19-95-7&tvt=1189&r=v&id=osdim&vs=4&uc=7&upc=1&tgt=BODY&cl=1&cec=7&clc=0&cac=0&cd=980x90&v=20190422

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe
sync.teads.tv/ Frame 5D4E 0
0 114ms
107ms Document
text/html 95.100.208.18
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=99837&userId=c2a4bd05-8b63-43bd-a7c8-69cc85603a33&gdprIab={%22status%22:23,%22consent%22:%22%22,%22reason%22:230}&1556113574336
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.208.18 , Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-208-18.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?pid=99837&userId=c2a4bd05-8b63-43bd-a7c8-69cc85603a33&gdprIab={%22status%22:23,%22consent%22:%22%22,%22reason%22:230}&1556113574336
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: tt_viewer=4625066e-9fe4-4a24-9380-32effe35e18b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.5
content-length: 1368
expires: Wed, 24 Apr 2019 13:46:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
set-cookie: tt_exelate=; Expires=Thu, 25 Apr 2019 13:46:14 GMT; Domain=.teads.tv tt_bluekai=; Expires=Thu, 25 Apr 2019 13:46:14 GMT; Domain=.teads.tv tt_emetriq=; Expires=Thu, 25 Apr 2019 13:46:14 GMT; Domain=.teads.tv tt_liveramp=; Expires=Thu, 25 Apr 2019 13:46:14 GMT; Domain=.teads.tv tt_neustar=; Expires=Thu, 25 Apr 2019 13:46:14 GMT; Domain=.teads.tv

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 9556 2 KB
1 KB 128ms
127ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?o=9398452112&callback=OX_9398452112&ju=https%3A//www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&jr=&auid=538683514&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=728x90&ifr=1&tws=1600x1200&mt=1&nl=33%2C35%2C32&ul=38%2C38%2C34
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: 8bff5d60fc7c831f91f141ab07b464b597737afe081d41e04104fe268fcfb231

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
server: OXGW/16.132.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 141ms
139ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5oSp,pingTime:1,time:1244,type:p,clog:[{piv:100,vs:i,r:,w:980,h:90,t:219}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1244,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:219,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1047~100],as:[1047~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:170,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:0,renddet:BODY,rmeas:0}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt01dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 149ms
148ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5oSp,pingTime:1,time:1244,type:pf,clog:[{piv:100,vs:i,r:,w:980,h:90,t:219}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1244,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:219,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1047~100],as:[1047~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:170,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:0,renddet:BODY,rmeas:0}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt38dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 111ms
20ms Image
image/gif 104.244.39.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5oSq,pingTime:1,time:1245,type:c,clog:[{piv:100,vs:i,r:,w:980,h:90,t:219}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1245,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:219,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1048~100],as:[1048~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:170,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:0,renddet:BODY,rmeas:0,metricId:publ1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: amidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt18ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 132ms
21ms Image
image/gif 104.244.39.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5oSq,pingTime:1,time:1245,type:c,clog:[{piv:100,vs:i,r:,w:980,h:90,t:219}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1245,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:219,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1048~100],as:[1048~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:170,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:0,renddet:BODY,rmeas:0,metricId:grpm1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: amidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt18ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 23CB 2 KB
1 KB 126ms
125ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?o=2929565305&callback=OX_2929565305&ju=https%3A//www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&jr=&auid=538683514&dims=1600x1200&adxy=435%2C3525&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=730x90&ifr=1&tws=1600x1200&mt=1&nl=33%2C35%2C32%2C32&ul=38%2C38%2C34%2C35
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: 858dadecea2e9a27ef2a8e128b7705318be68a3612f134b3a117dc318c6a76b3

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
server: OXGW/16.132.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 23DA 42 B
112 B 15ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhpXV_5sH3JfToviuehs3O2JIMRVUozssWqCmxdgTv5PKfDiitXvBKNsenVb-WdarVWlHXho2TULGn-oVo1U6i1IGkOD_Eb3y4KxjFQ6Y&sig=Cg0ArKJSzDm03lpoKTDQEAE&adk=2351508231&tt=1284&bs=1600%2C1200&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&p=481,1013,731,1333&mcvt=1005&rs=3&ht=0&tfs=296&tls=1301&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1556113573023&rpt=263&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1600%2C3860&ss=1600%2C1200&pt=18&deb=1-9-9-20-10-19-107-8&tvt=1292&r=v&id=osdim&vs=4&uc=7&upc=1&tgt=BODY&cl=1&cec=7&clc=0&cac=0&cd=320x250&v=20190422

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 114ms
20ms Image
image/gif 104.244.39.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=3aecb5e2-2e76-48b9-f76a-68e17a3b9148&tv={c:aI5oSR,pingTime:1,time:1245,type:p,clog:[{piv:100,vs:i,r:,w:320,h:250,t:227}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1245,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:227,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1026~100],as:[1026~320.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:144,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: amidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt18ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 169ms
140ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=3aecb5e2-2e76-48b9-f76a-68e17a3b9148&tv={c:aI5oSS,pingTime:1,time:1246,type:pf,clog:[{piv:100,vs:i,r:,w:320,h:250,t:227}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1246,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:227,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1027~100],as:[1027~320.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:144,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt01dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 165ms
148ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=3aecb5e2-2e76-48b9-f76a-68e17a3b9148&tv={c:aI5oSS,pingTime:1,time:1246,type:c,clog:[{piv:100,vs:i,r:,w:320,h:250,t:227}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1246,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:227,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1027~100],as:[1027~320.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:144,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1,metricId:publ1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt38dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 32ms
20ms Image
image/gif 104.244.39.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=3aecb5e2-2e76-48b9-f76a-68e17a3b9148&tv={c:aI5oST,pingTime:1,time:1247,type:c,clog:[{piv:100,vs:i,r:,w:320,h:250,t:227}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1247,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:227,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1028~100],as:[1028~320.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:144,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1,metricId:grpm1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: amidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:14 GMT
X-Server-Name: dt18ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9556 64 KB
25 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b8e751de1d8a4d5ce76d3dbe0052e6efc783978164441a5d4b75ca904d696732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25229
x-xss-protection: 0
server: cafe
etag: 5484427261586255365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Apr 2019 13:46:14 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 23CB 64 KB
25 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b8e751de1d8a4d5ce76d3dbe0052e6efc783978164441a5d4b75ca904d696732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25229
x-xss-protection: 0
server: cafe
etag: 5484427261586255365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Apr 2019 13:46:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9556 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9556 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/ Frame 9556 205 KB
77 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c81c2a184926f0de9792b39184045e08acca0d2a72aa59927de411d787d759ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 78248
x-xss-protection: 0
server: cafe
etag: 18145366447081761562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2019 13:46:14 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/ Frame 7B2A 205 KB
77 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c81c2a184926f0de9792b39184045e08acca0d2a72aa59927de411d787d759ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 78248
x-xss-protection: 0
server: cafe
etag: 18145366447081761562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2019 13:46:14 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190417/r20190131/ Frame 4963 0
0 8ms
6ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190417/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190417/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlpa2BzELBDXMQS-3_CAyZtTDq3FF8_ImXNypupBw2LL1CL0uUNSorzM0y8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 17 Apr 2019 16:06:19 GMT
expires: Wed, 01 May 2019 16:06:19 GMT
content-type: text/html; charset=UTF-8
etag: 3275482936266559025
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6909
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 596395
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 23CB 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 23CB 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/ Frame 23CB 205 KB
0 32ms
31ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c81c2a184926f0de9792b39184045e08acca0d2a72aa59927de411d787d759ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 78248
x-xss-protection: 0
server: cafe
etag: 18145366447081761562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2019 13:46:14 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/ Frame 608C 205 KB
0 32ms
31ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c81c2a184926f0de9792b39184045e08acca0d2a72aa59927de411d787d759ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 13:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 78248
x-xss-protection: 0
server: cafe
etag: 18145366447081761562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Apr 2019 13:46:14 GMT

GET
DATA 200
OK truncated
/ Frame 9556 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e263a65d584e32751ee55ce6838371a043c6e7740a5c63913a7b458cc0f9e41

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7B17 0
0 238ms
235ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=3540711992&adf=1261879588&w=728&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&ea=0&flash=0&wgl=1&adsid=NT&dt=1556113574523&bpp=70&bdt=905&fdt=157&idt=155&shv=r20190417&cbv=r20190131&saldr=sa&correlator=3154250262016&frm=23&ife=4&pv=2&ga_vid=826852857.1556113570&ga_sid=1556113574&ga_hid=1464551107&ga_fc=0&iag=15&icsg=11452896682&nhd=2&dssz=34&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=10&biw=1600&bih=1200&isw=728&ish=90&ifk=3571728399&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C21063245&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=2&uci=2.vjrg2j3wm043&fsb=1&dtd=176

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=3540711992&adf=1261879588&w=728&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&ea=0&flash=0&wgl=1&adsid=NT&dt=1556113574523&bpp=70&bdt=905&fdt=157&idt=155&shv=r20190417&cbv=r20190131&saldr=sa&correlator=3154250262016&frm=23&ife=4&pv=2&ga_vid=826852857.1556113570&ga_sid=1556113574&ga_hid=1464551107&ga_fc=0&iag=15&icsg=11452896682&nhd=2&dssz=34&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=10&biw=1600&bih=1200&isw=728&ish=90&ifk=3571728399&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C21063245&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=2&uci=2.vjrg2j3wm043&fsb=1&dtd=176
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlpa2BzELBDXMQS-3_CAyZtTDq3FF8_ImXNypupBw2LL1CL0uUNSorzM0y8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Apr 2019 13:46:14 GMT
server: cafe
content-length: 43300
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0BAA 0
0 217ms
205ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=2560515233&adf=3173537227&w=728&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&ea=0&flash=0&wgl=1&dt=1556113574639&bpp=21&bdt=1614&fdt=74&idt=72&shv=r20190417&cbv=r20190131&saldr=sa&correlator=3154250262016&frm=23&ife=5&pv=1&ga_vid=826852857.1556113570&ga_sid=1556113573&ga_hid=233629993&ga_fc=0&iag=3&icsg=11453224282&nhd=1&dssz=32&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=3525&biw=1600&bih=1200&isw=730&ish=90&ifk=2311030223&scr_x=0&scr_y=0&eid=21060853%2C21063245%2C20040010&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C730%2C90&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=3&uci=3.d0cyaqovzk39&fsb=1&dtd=85

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=2560515233&adf=3173537227&w=728&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&ea=0&flash=0&wgl=1&dt=1556113574639&bpp=21&bdt=1614&fdt=74&idt=72&shv=r20190417&cbv=r20190131&saldr=sa&correlator=3154250262016&frm=23&ife=5&pv=1&ga_vid=826852857.1556113570&ga_sid=1556113573&ga_hid=233629993&ga_fc=0&iag=3&icsg=11453224282&nhd=1&dssz=32&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=3525&biw=1600&bih=1200&isw=730&ish=90&ifk=2311030223&scr_x=0&scr_y=0&eid=21060853%2C21063245%2C20040010&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C730%2C90&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=3&uci=3.d0cyaqovzk39&fsb=1&dtd=85
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlpa2BzELBDXMQS-3_CAyZtTDq3FF8_ImXNypupBw2LL1CL0uUNSorzM0y8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Apr 2019 13:46:14 GMT
server: cafe
content-length: 327
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
DATA 200
OK truncated
/ Frame 23CB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02032a759053cc02e5e43bc8bb89fc482ace9f34e739ababbcdcb0009b67bc6e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gn
secure-us.imrworldwide.com/cgi-bin/ 44 B
332 B 45ms
44ms Image
image/gif 52.211.205.80
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-408075&ch=au-408075_b99_0&sessionId=yXzbUIusJR6AP8wxKb96zu9ONBLUM1556113571&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,1556113571797550&c30=bldv,6.0.0.333&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&c73=phtype,&c74=dvcnm,&c62=sendTime,1556113573&rnd=720792
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.205.80 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-205-80.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:14 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 9B16 0
0 62ms
32ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
vary: Accept
set-cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571; Version=1; Expires=Thu, 23-Apr-2020 13:46:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1556113575|gu; Version=1; Expires=Thu, 09-May-2019 13:46:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.132.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 24 Apr 2019 13:46:15 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 6967 0
0 53ms
32ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
vary: Accept
set-cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571; Version=1; Expires=Thu, 23-Apr-2020 13:46:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1556113575|gu; Version=1; Expires=Thu, 09-May-2019 13:46:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.132.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 24 Apr 2019 13:46:15 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 82C6 0
0 49ms
32ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
vary: Accept
set-cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571; Version=1; Expires=Thu, 23-Apr-2020 13:46:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1556113575|gu; Version=1; Expires=Thu, 09-May-2019 13:46:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.132.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 24 Apr 2019 13:46:15 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 620A 0
0 46ms
36ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571; pd=v2|1556113575|gu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
vary: Accept
set-cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571; Version=1; Expires=Thu, 23-Apr-2020 13:46:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1556113575|iygu; Version=1; Expires=Thu, 09-May-2019 13:46:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.132.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 24 Apr 2019 13:46:15 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 8683 0
0 39ms
37ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571; pd=v2|1556113575|gu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
vary: Accept
set-cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571; Version=1; Expires=Thu, 23-Apr-2020 13:46:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1556113575|iygu; Version=1; Expires=Thu, 09-May-2019 13:46:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.132.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 24 Apr 2019 13:46:15 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 3720 0
0 31ms
30ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
accept-encoding: gzip, deflate, br
cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571; pd=v2|1556113575|gu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content

Response headers

status: 200
vary: Accept
set-cookie: i=13c4a165-3916-00de-34eb-152e75c238e4|1556113571; Version=1; Expires=Thu, 23-Apr-2020 13:46:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1556113575|iygu; Version=1; Expires=Thu, 09-May-2019 13:46:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.132.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 24 Apr 2019 13:46:15 GMT
content-type: text/html
content-encoding: gzip

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 153ms
151ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5pao,time:2359,type:e,es:0,sc:1,ha:1,gm:1,slTimes:{i:2360,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:219,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[2163~100],as:[2163~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:235,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:15 GMT
X-Server-Name: dt38dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9556 42 B
112 B 16ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6SWMdrfNKyU4GzO0_vCfuUrCY4mnS_mT7Kw8nb5Dugs_mFTO55gT-bL6t6ACrQKxLuS74K_KG3o3BpWtDCZXjGz3nJzYqRTF26_jFfR0&sig=Cg0ArKJSzHNhHf5EBljNEAE&adk=2338238382&tt=197&bs=1600%2C1200&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&p=10,310,100,1038&mcvt=1060&rs=3&ht=0&tfs=560&tls=1620&mc=1&lte=-1&bas=0&bac=0&avms=geo&rst=1556113573984&rpt=101&isd=0&lm=2&oseid=3&xdi=0&ps=1600%2C3770&ss=1600%2C1200&pt=1424&deb=1-1-2-15-15-10-20-14&tvt=1612&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&r=v&id=osdim&vs=4&uc=9&upc=0&tgt=DIV&cl=1&cec=5&clc=0&cac=0&cd=0x0&v=20190422

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dc423def-06ad-4fb4-a386-363c0a8315a3&gdpr=1
https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D&mm_bnc&mm_bct
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e4fc5cc0-611e-4300-9918-a2560d2c9cd2

43 B
256 B

28ms
28ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e4fc5cc0-611e-4300-9918-a2560d2c9cd2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.132.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:15 GMT
server: OXGW/16.132.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 24 Apr 2019 13:46:15 GMT
Server: MT3 867 47ef053 master zrh-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e4fc5cc0-611e-4300-9918-a2560d2c9cd2
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 24 Apr 2019 13:46:14 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9556 42 B
112 B 16ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSv9n3IrWf2NBlqikbDkTR2kZ0wIul8cNSd8lbb2mXPFuekLLVI3Ze1C5R8fIleHhc2c-O1XNNvEYU-HmcXEikffCBdcBwPePqzydeVAw&sig=Cg0ArKJSzBMouMWBT_jOEAE&adk=1060057622&tt=2497&bs=1600%2C1200&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&p=10,310,100,1038&mcvt=1027&rs=3&ht=0&tfs=1489&tls=2516&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1556113573690&rpt=1708&isd=0&lm=2&oseid=3&xdi=0&ps=1600%2C3770&ss=1600%2C1200&pt=20&deb=1-1-1-9-23-21-68-22&tvt=2498&is=980%2C90&iframe_loc=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&r=v&id=osdim&vs=4&uc=17&upc=1&tgt=BODY&cl=1&cec=6&clc=0&cac=0&cd=728x90&v=20190422

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Apr 2019 13:46:16 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 zap1hbYq0t9eVIO1Kd2hfJMEDkypWaqlPT4iScnC722vsSO9STmOqZ-vwcvohu6h-Ht6iEp Show response
chickensstation.com/v2/0/ 139 B
221 B 22ms
22ms Fetch
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/zap1hbYq0t9eVIO1Kd2hfJMEDkypWaqlPT4iScnC722vsSO9STmOqZ-vwcvohu6h-Ht6iEp
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 661df245602130de80945bd1c7cc2a79ef1e1247d196355db432d81d541f52df

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Apr 2019 13:46:16 GMT
x-datacenter: gce-europe-west3
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: mona
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 139
expires: Wed, 24 Apr 2019 13:46:15 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 149ms
148ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5pUW,pingTime:5,time:5245,type:p,clog:[{piv:100,vs:i,r:,w:980,h:90,t:219}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5245,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:219,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5048~100],as:[5048~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:162,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:18 GMT
X-Server-Name: dt38dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 140ms
140ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=a3e1e32c-3d41-1b10-f34d-a7128f6c4448&tv={c:aI5pUX,pingTime:5,time:5246,type:pf,clog:[{piv:100,vs:i,r:,w:980,h:90,t:219}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5246,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:219,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5049~100],as:[5049~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:162,fm:rozbY6d+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c*.7529|1c1|1d.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:18 GMT
X-Server-Name: dt01dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 139ms
138ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=3aecb5e2-2e76-48b9-f76a-68e17a3b9148&tv={c:aI5pVn,pingTime:5,time:5245,type:p,clog:[{piv:100,vs:i,r:,w:320,h:250,t:227}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5245,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:227,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5026~100],as:[5026~320.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:416,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:18 GMT
X-Server-Name: dt59dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 140ms
139ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=3aecb5e2-2e76-48b9-f76a-68e17a3b9148&tv={c:aI5pVo,pingTime:5,time:5246,type:pf,clog:[{piv:100,vs:i,r:,w:320,h:250,t:227}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5246,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:227,wc:0.0.1600.1200,ac:1013.481.320.250,am:i,cc:1013.481.320.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5027~100],as:[5027~320.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:416,fm:rozbY6A+11|12|13|141|142|151|152|153|16|17|18|19|1a|1b|1c1|1c2|1d*.7529|1d1|1e.7529|1e1|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/news/outlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Apr 2019 13:46:18 GMT
X-Server-Name: dt48dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=142066&zone_id=660966&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&tg_i.site=onmsft.com&tg_i.pos=atf&tg_i.adunit=general&tk_flint=pbjs_lite_v1.38.0&x_source.tid=80c18ad8-dc6a-4937-acd7-879a8a45c561&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.23898830323076226

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=142066&zone_id=660966&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&tg_i.site=onmsft.com&tg_i.pos=atf&tg_i.adunit=general&tk_flint=pbjs_lite_v1.38.0&x_source.tid=4a0b785b-2faa-4de1-89bc-27826bfdc141&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5040800678563242

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=142066&zone_id=660966&size_id=2&alt_size_ids=55&p_pos=unknown&rf=https%3A%2F%2Fwww.onmsft.com%2Fnews%2Foutlook-com-was-hacked-and-its-worse-than-expected-as-hackers-also-had-access-to-some-email-content&tg_i.site=onmsft.com&tg_i.pos=btf&tg_i.adunit=general&tk_flint=pbjs_lite_v1.38.0&x_source.tid=70e920a7-aee8-4d8e-b69b-d906bc4b5756&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7474571482675179

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onmsft.com/	1970-01-19 09:00:49	Name: __cfduid Value: d7a9ebcb458bebc09126ccd15a59969451556113569
www.onmsft.com/news	1970-01-19 00:16:39	Name: more_page_author Value: 1
www.onmsft.com/news	1970-01-19 00:16:39	Name: more_page Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5(Line 1) Message: ZD Core :: Outbound Link Tracking Initialized
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.95.js(Line 32) Message: a: 0.001953125ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.doubleclick.net
admiral.mgr.consensu.org
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
api.skimlinks.mgr.consensu.org
as-sec.casalemedia.com
beacon.krxd.net
c.disquscdn.com
cdn-gl.imrworldwide.com
cdn.krxd.net
cdn.nsstatic.com
cdn.static.zdbb.net
cdn.syndication.twimg.com
chickensstation.com
cmp.teads.mgr.consensu.org
consumer.krxd.net
dapperfloor.com
disqus.com
disqusads.com
dt.adsafeprotected.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.pcmag.com
googleads.g.doubleclick.net
gurgle.zdbb.net
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
loadeu.exelator.com
native.sharethrough.com
ns.zdbb.net
p.skimresources.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.adsafeprotected.com
pixel.wp.com
platform.twitter.com
r.skimresources.com
referrer.disqus.com
s.skimresources.com
s0.wp.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.adsafeprotected.com
stats.g.doubleclick.net
stats.wp.com
sync.crwdcntrl.net
sync.mathtag.com
sync.teads.tv
syndication.twitter.com
t.skimresources.com
t.teads.tv
tags.bkrtx.com
ton.twimg.com
tpc.googlesyndication.com
us-ads.openx.net
vendorlist.consensu.org
walker.zdbb.net
winbeta.disqus.com
www.google-analytics.com
www.googletagservices.com
www.onmsft.com
x.skimresources.com
zdbb.net
ziffdavis-d.openx.net
fastlane.rubiconproject.com
104.111.241.32
104.244.37.20
104.244.39.20
104.244.42.136
104.27.155.67
13.35.253.26
147.75.102.200
151.101.0.175
151.101.120.134
151.101.128.134
151.101.192.233
151.139.128.10
172.217.18.98
173.241.240.143
173.241.240.220
184.31.90.128
185.29.133.52
185.64.189.112
192.0.76.3
192.0.77.2
192.0.77.32
199.166.0.26
199.166.0.32
2.16.118.106
2.19.45.224
216.58.207.38
23.38.55.104
2600:9000:200c:2000:2:42d9:3100:93a1
2600:9000:200c:7200:2:42d9:3100:93a1
2600:9000:200c:9e00:1:af78:4c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:50a6
2606:4700::6813:c697
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2003
2a00:1450:4001:825::2001
2a00:1450:400c:c0a::9a
2a02:26f0:6c00:19f::13b2
2a02:26f0:eb:38e::2c92
34.242.73.134
35.186.219.42
35.190.40.172
35.190.59.101
35.201.117.115
35.201.67.47
35.201.98.64
37.252.173.27
52.210.77.107
52.211.205.80
54.171.7.149
54.228.183.152
95.100.196.14
95.100.208.18
95.100.209.151
009903ce6677daaf68c585e8bfe78a26e8ef474cb40e403c4a797ac36811f9ac
02032a759053cc02e5e43bc8bb89fc482ace9f34e739ababbcdcb0009b67bc6e
0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0631c81006e2dfb3bbc9ef30b6ccee3163ad6c7348044d3b7606ef1d68d93eae
07fa03f1e5fef6c5ee89c033aa08a86d1e791714aa6437142823c8e5adea8a93
09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
126a9babed80863a7d4bb61492391e41e38b91616ccfb288f6e52127952ed8ae
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
14815d3ad86f0839b16208a0d832d3695822c6d9bb9fc242b946cecad46799a6
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc
14efa05c614dc9f7efc094190a7829e017f2fae8b6aa469de0aae692f5e763be
16789c63d93551d05463d71ba1aeac56c7591a8dff65c12f6eadc26bd4c43b8b
16eafa59f5ea2e9c970ee5c536f3ae79e72b67daba2c683525cbb22e7fa06aad
1aa10cc4247add4f4fe1e5de8f43f622ed414a0fb1f6c88180ca66e0d7890a43
1aa7dbc2f1636d646cbd2998a329c5bddfcb0e87d83aac407c29e86f79f397f2
1b225490811d67c17670e1600f115509dc1bc9ae589e26ebffbb07f0a6d2bd79
1e291bbb3e4fb297a94692ab518e3640c78e230baa4c94443bf0b5029113ffa2
1f1581edceb3c5588e77849cdc625a6ab4a4839ae99b7ee71bc2180453d60532
202f3b4f4f1257170b0613650becfded7a7f89b1905c0fe16c79f25bf18a6b40
2140372ece2cfab238453f838c69a30459f8f61958e106ae01b88e770f6e51f8
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27fc9a45b9993bc868b14bb28533cf5def1b13051b0839b032685ef731b07fbc
28ae559502a1a0ec542557b315daf48cee77071f5cba0975c7336d42cb97fd54
2939d607a8ad67edbc7ade28075844c18c904d4b2b87145db848382a50af0214
2c42fa2e7556fc5f1623541869c2d1196760e112f9ef020bcce572e0b4ed67d4
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6
2e367e5afc4bad16e13a47cca921dfe7b6c27e51506c45a0ef716cad44fdb3a9
30a00b1b42b0833d71fd12651693b92a4476f70461db534723b18b08636d64b7
3149de0e6c9bb62c85ba02a5a6793679fff9817b9ec35dcaaea8110ccd453d95
32300badad2d054b366f98b742b1ce60214e32938501dfc3e79b26ad395ba8cf
324f33bcba4bca3e62e5d0e7cda4011ef5ad7d3756b3f475bc9b23463fab644f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32f686a53d5d20bea5490ebac8375c554600c6078144fc2aa661c2c70b1d7e0e
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
33adf855a03023a767d54515b2613df379f9f656427ecdf28b57036a57715f0e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36168adba49d66221c24e1ab52e981036913f4247884d109b632ce24b2820ef5
36b1379bd273a0435239291450df12dff051d93a4fa09ab55631d1f47b8a14b9
395419e9adc479ba3b53c1d5e5c206db350e2682a0da07e1ee82fb7792ec4e04
3dd605490efded6afa1551c643fdb396e4118ca4c39c02539da543ba7ed0216e
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3f20dff9ff6d39a8ffe547b853a4e0904bf11d7b02d2e687ad8f37b69a971c3f
4405971d9a1b4f010f0fe21a7706dc781f4ca59ac1b536a91dd89d2a6e3154fb
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
466cf0e1c509bdc12e94455107dbc76ceb7dcebb86edf4a8adf29ad35d6ea539
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
4b202fc39cdb9409f72ca54f2ab36d88e5c2b9561b17103f006f5ee4ecbdeb38
4ce4c888581c99edd5b66209c1b5baf62547a64828d52a5af53467cabab0827a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
4f937d132f32904c462b805ca52cb60c82f05475e9c9a3e1bf1a186ff7bcf296
509d321bf5ebfd2abb6e40c2844594317674d2d9e403e3fd95906a85cf11ed1f
5689f3d6640befe887d11fbdbe526ce4c8bbb16d7eefe0c15c4994484a2c8997
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5aa877a3dffa69ab80782fb9d5f5510a00e90b174ac5280e930fe30a680353a8
5abf0c3555cff7b63e38f6e7b8e7f56896937c0c2cc97cfaee7997c443e3e254
5c9c75c73ac3e24076825baeed4668eab6a789d6f90d80dee13cebc4919676af
5cf931522604c2fd9bb71b09f2dd9fba453d98d82751faa33240b26b983d4ac2
5e9d5d7f0c649b8afca5ec420809ba9a6067a5dddd25be954f27c2ae034a1121
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fab70ad6c30e6b7e87b4a073272bb187d4772edcef06fe27db166daaec15039
6427f62cfeed2a0ab33a3790ac2592992806cd1109221ef7bc991943a38c5856
661df245602130de80945bd1c7cc2a79ef1e1247d196355db432d81d541f52df
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
687acb8aeb86f7c27520294c820dce24828b3d694c56af53d640f6fbe06d92c7
68ac8c1ab5b4eac95c3c3d07bfddf48e84bd4cdca6e94c204455e3de71da9c3b
6aeac9430126c9c8889adccde8821096139ac9946f962da1a49089fab5fd9208
6e73f2421834662d82b43cbb91ecdd8310cdd727cc19f620f41410756ad13dda
6f4052336dfa5f709231973850a4e3ca59690d4aeeda678d84aae463b68132ca
830ce433f7ca55cc4225cf953b38d53f1912e4b8a28b88cd37a77dede506c993
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858dadecea2e9a27ef2a8e128b7705318be68a3612f134b3a117dc318c6a76b3
8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb
8bff5d60fc7c831f91f141ab07b464b597737afe081d41e04104fe268fcfb231
8e263a65d584e32751ee55ce6838371a043c6e7740a5c63913a7b458cc0f9e41
8f75ee8a760c4319b767725c06ad12a0f5291c38fe35e93cbe59c18f02fdc248
90e4b2e2d53a75212e146dbfdf4a3e61177a951c59a5598fd4568775f3ff3a19
9291fdc44bccd9b470eddfb7e2326370687526185eeea097a02541d08b60ef53
932c6a7798bd1865809904d4d9c5d748ef845a0abe4abc51ef45d4d132c4fad7
981b5595643a08a0204fe05e983a443432c3a6c88d5f645d41fb473c8e982ec5
99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d
9c6ea1ab4588c0be7dc9cb629aa641415dd91acaea7084de6921a7ffa2299bfb
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9fd7bfa229eec86e2b02fdcf85e49e5b2699a2d9cd53ee36b4df53513d1da1f3
a05c79b83ccab976092d6a98219e3d3859faff27eb9c648ba72e9f01bbce9cba
a07386c88b761e04fe5b384ad68eec9f234672b386f35761644d1acc6d63c87d
a0da2aee6cc32a9bc1dc66cfba7518a6d47d1337202d6ee94a6174f25c720e94
a2f78a983f41c7e84b1d92dade3d0e1da1fd2533d9f4717d390f42defd1e6f30
a385a3c6ab8b52c84cadec76467954e0fccb0a5435c85de3726ef6198ec746eb
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aefd9e79e2f49d0eae553325504d34b3a80a33bd9fcdbd19e521271462b55601
aff791d444bc4e71c6ac058a5e73177fcd3b79472576339d33cb6b19cc9195a2
b0b58d220721ed39431995073d5b7088f6b949cfa910902176e7fe680d14f92a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31c5d6db3361a830539f258989d9c3e9d218a58f60540412856cab9c8de32ac
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b5e12dc14776a9d715f1c5b473ee43e07451bd2cc7e345118d02f6aff76e663d
b73336a70c8e2b73cd8e349c54db26910f6f1c51be47806790252b72587ebf24
b8e751de1d8a4d5ce76d3dbe0052e6efc783978164441a5d4b75ca904d696732
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
ba627ca74e37193fcc5a4e83f6fd24ed5b5a26c8e26ccc51ea30b3c118910906
bb555becf9cb272e5d13e3f54a07a06034900816f1805c4ec4df7d719d45ae17
bc74b03d39709f9cebe84c29501bedba890198e549c12c43cd977ab94d530727
bcc326a932512b85b357a85eff7a4d53ba307b8f98dda12d03e5f093d35f1fc3
c139b8dd7b1ccda2813ae79d127d1c0256f91a71fce5581887a1d5fbbca81bde
c151d9ee92f2bee8d3359c62f62111314264af0405de53833335675cc87b12e6
c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4
c4adc13921b378d59dc1567dbf768ffb04377ace6d2c7fd01dfd950db9dd6d1c
c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0
c7bdbbdc5796065794e3ffcfdd995fd7a43c618e3a56707e133f72f5ca57cd1b
c81c2a184926f0de9792b39184045e08acca0d2a72aa59927de411d787d759ac
ccc8413bc09ee8ffe0688a01b0059677c9cc298e6098aa01b7afdcc7f6d31bcc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa07d11153ad01808256f0869fb00c4b1d3999f2ad31d563271410d2bee804c
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d10255e845f635e8b5567e4c8f8661e2562abf656f2dceb62bf7bf55b1193c3e
d55d784de8d3753e83c9051a7d2f6f6e2ad20127441d7da00bcc96e93c165f19
d59ec5391f2871628f32a827276c03a77c92b0544b3ac39c467b522c6f3f5aaf
d5aafb5bae0b9b44510ea2c1d1d726e5bc982a8f22f72a0843477c80df490e16
d6a84aebc6725c5ed675f60c93bbb5ed9b078b77646adb5078001b33561915c2
dbd0425550d0738c39c0f6ffe17880245425dccd356d77a5e0e30f9845fc90ca
dcd1780e0cbc098919b2c0affc3af8b9cf9eb70faa1c5678feb25f0f1d0bbcd5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
dedd927f59644ce29e23d3a942b6e84a875de4cc0afe541a5ad9d82269197c6b
e0a1124e3584a0a22e99264c61a15b8e192433e8eb8a9a7efc53d76f3c061aab
e0fa8be006ea1cf58adb96c2017bcb6f69c08f589741628cdf6c2735fd0770b8
e139f405167783a417ee19c7635b2921bb0c67a40464af2986ae4c673b245ee3
e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73035342ef69a696cf2e1ddda0c23b03e39d415307cfed23c75e8899e38f4be
e9c159a06587b466351249e9fd57fc470d738b56e2a1da569c0dcc9f5c9cf552
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed60479e079b9e6d5280c6fdd11636fd55a11ebf935bd8dc09c6c66eb77bb3da
eed854d2588f3afad208a8b8e5d6bd957d7489b876157239ea35ead4fff3efae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5fa487416676288b5e92b1530f85fbc61d2875f4a74926affa77be11223cfe9
f73a8628a54324892b4544c30158e8c510a3245056973a3bcd31fe39455af87f
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.onmsft.com Open in urlscan Pro 104.27.155.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

263 Requests

99 %HTTPS

31 %IPv6

39 Domains

74 Subdomains

58 IPs

7 Countries

2869 kBTransfer

8522 kBSize

3 Cookies

12 Outgoing links

Redirected requests

263 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onmsft.com Open in urlscan Pro
104.27.155.67 Public Scan

Screenshot
Live screenshot

Full Image

263
Requests

99 %
HTTPS

31 %
IPv6

39
Domains

74
Subdomains

58
IPs

7
Countries

2869 kB
Transfer

8522 kB
Size

3
Cookies

263 HTTP transactions
18 data transactions